Common Criteria

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1.

Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner.

Read more about Common CriteriaKey Concepts, History, Testing Organizations, Mutual Recognition Arrangement, List of Abbreviations, Alternative Approaches

Other articles related to "common criteria, criteria":

Cryptographic Module Testing Laboratory - FIPS 140-2 in Relation To The Common Criteria
... A CMTL can also be a Common Criteria (CC) Testing Laboratory (CCTL) ... is a modifiable operational environment, the operating system requirements of the Common Criteria are applicable at FIPS Security Levels 2 and above ... operating systems that referenced the Trusted Computer System Evaluation Criteria (TCSEC) classes C2, B1 and B2 ...
Common Criteria Testing Laboratory
... A Common Criteria Testing Laboratory (CCTL) is an information technology (IT) computer security testing laboratory that is accredited to conduct IT security ...
Common Criteria - Alternative Approaches
... The UK has also produced a number of alternative schemes when the timescales, costs and overheads of mutual recognition have been found to be impeding the operation of the market The CESG System Evaluation (SYSn) and Fast Track Approach (FTA) schemes for assurance of government systems rather than generic products and services, which have now been merged into the CESG Tailored Assurance Service (CTAS) The CESG Claims Tested Mark (CCT Mark), which is aimed at handling less exhaustive assurance requirements for products and services in a cost and time efficient manner In early 2011, NSA/CSS published a paper by Chris Salter, which proposed a Protection Profile oriented approach towards evaluation ... In this approach, communities of interest form around technology types which in turn develop protection profiles that define the evaluation methodology for the technology type ...
CESG Claims Tested Mark - Comparisons
... The CCT Mark is often compared to the international Common Criteria (CC), which is simultaneously both correct and incorrect Both provide methods for achieving a measure of ...
Common Criteria Testing Laboratory - United States - CCTL Requirements
... General Requirements NIST Handbook 150-20, NVLAP Information Technology Security Testing — Common Criteria NIAP specific criteria for IT security evaluations and ... Government participants in selected Common Criteria evaluations ...

Famous quotes containing the words criteria and/or common:

    There are ... two minimum conditions necessary and sufficient for the existence of a legal system. On the one hand those rules of behavior which are valid according to the system’s ultimate criteria of validity must be generally obeyed, and on the other hand, its rules of recognition specifying the criteria of legal validity and its rules of change and adjudication must be effectively accepted as common public standards of official behavior by its officials.
    —H.L.A. (Herbert Lionel Adolphus)

    I hope there are some who will brave ridicule for the sake of common justice to half the people in the world.
    Barbara Leigh Smith Bodichon (1827–1891)