We are leading experts in EU and global standards for identity & information security and Trust Services.

Nimbus has been involved with a number of international and diverse stakeholders in the market for Trust Services since founded in 1999, and has acted on behalf of clients both public and private, large and small. Unlike other service providers, we don't try to reinvent the wheel. We use expert knowledge across the fields of technology, standards legislation and data security to produce and deploy intelligent, targeted, cost-effective solutions.

We are also a certified ISO 27001 Lead Auditor (BSI; IRCA).

Representative Summary of Completed Projects

Zeitzeuge

  • Development of blockchain, cloud-based Zeitzeuge digital authentication service

Bundesdruckerei GmbH
Support in the field of eIDAS legal and ETSI technical requirements

2015

  • Management of Rootstore Requirements from Mozilla, Microsoft, Google & Apple

  • Services to Migrate EU Standards from ETSI TS 102 042 to ETSI EN 319 411-1

2014

  • Study on Requirements from Google Certificate Transparency

  • Study on eIDAS Market Potential

  • Certification Policy and CPS for Kosovo

2011

  • PKI Hard- and Software for a PKI Full-Service Offer

European Union Agency for Network and Information Security
Co-editor of studies related to electronic identity and Trust Services

2019

  • Study on “global acceptance of eIDAS Audits”

2015

  • Study on Market Potential for Qualified Website Authentication Certificates

2014

  • Study on the Requirements for Trust Service Providers

  • Study on Qualified Trust Services

European Telecommunications Standards Institute (ETSI)

2018 – 2020 ongoing

  • Responsible Editor for TS 119 403-2: "Additional requirements for Conformity Assessment Bodies auditing Trust Service Providers that issue Publicly-Trusted Certificates"

2017 – 2019

  • Member of STF 560 “global acceptance of European Trust Services”

    2017 – 2019

  • Member of STF 523 “European Norms for electronic registered delivery and registered electronic mail”

2012 – 2014

  • Responsible Editor for EN 319 411-3: "Security Requirements for Trust Service Providers"

2011 – 2013

  • Specialist Task Force 438 Leader: "Incorporating CA/B Forum Requirements to ETSI Standards"

  • Specialist Task Force 427 Expert: "Quick Fixes to Electronic Signature Standards"

  • Specialist Task Force 412 Expert: "Guidance on TS 102 042 for Issuing Extended Validation Certificates"

Bundesamt für Sicherheit in der Informationstechnik (Federal Ministry for Security in Information Technology), Germany
Co-editor of studies related to electronic identity and Trust Services

2015

  • Study on Requirements for German De-Mail Providers

2013

  • Study on Requirements for German TSPs
    "Overview About NIST, ETSI, CEN and CA/B Forum Requirements to Trust Service Providers"

Emirates German Security Printing LLC
Strategic advice on national PKI services used for electronic identification

2015

  • Strategic Advice on eID and Assisted Ambient Living

2014

  • Study on Online Child Protection Using eID and Trust Services

  • Study on Online Protection of At-Risk Users Using eID and Trust Services

2013

  • Study on Biometrics and Directory Services

2012 – 2014

  • Strategic Advice on PKI Deployment, Including Identity Validation, Signature Policy and Mobile PKI Applications

DATEV eG

2014

  • Consulting in the field of adopting CP and CPS to eIDAS

Promon AS

2012

  • Consulting in the field of PKI market access and impact

German Savings Bank

2011

  • Study on Cloud Security: Market Needs and Potentials

Gematik: German eHealthCard Telematics

2005 – 2010

  • Strategic and Pragmatic Trusted Services for 60 Million eHealthCards using Trustservice Status Lists

  • Engineering Requirements for Public Tender