Mike Boberski works at Booz Allen Hamilton. Mr. Boberski, an Associate in the firm, has more than 14 years experience in application security and the use of cryptography by applications. He is the project lead and a co-author of the application security assessment industry’s first standard for performing application security assessments. The standard is called the Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS). Mr. Boberski has a background in trusted product evaluation and Public Key Infrastructure (PKI) software development and integration. Experience in security-related testing programs includes the National Security Agency (NSA) Trust Technology Assessment Program (TTAP), NSA CCEVS (Common Criteria Evaluation and Validation Scheme) Common Criteria (CC) program, National Institute of Standards and Technology (NIST) Cryptographic Module Validation Program/ Cryptographic Algorithm Validation Program (CMVP/CAVP) FIPS 140-1 program, NIST CMVP/CAVP FIPS 140-2 program, and the Joint Interoperability Test Command (JITC) Public Key-Enabled (PKE) Application Testing programs. Experience in PKI software development and integration includes Public Key-Enabling applications. Mr. Boberski worked in professional service and R&D development groups on the Entrust Authority, Entrust Entelligence, Entrust GetAccess, and Entrust TruePass product lines. Of particular note, Mr. Boberski ran the development team that built, integrated, and maintained the USPS Electronic Postmark (EPM) when it was a server application-based offering, before it was turned into a hosted service. He has experience managing trusted product evaluation testing labs, professional service software development groups, and professional service software deployment groups. Publications include a technical pocket reference book called “EAL2 Design Pocket Reference” on the topic of developing CC design evidence. Patents include Patent # 7,321,969, Secure Instant Messaging System.
Last revised 02/13/2009