Common Criteria
Posted on December 5, 2015 by KVMGalore | 0 comments
Common Criteria is an international standard for computer security certification; the driving force for the widest available mutual recognition of secure IT products.
The Common Criteria for Information Technology Security Evaluation (CC), is the technical basis for an international agreement which ensures that products can be evaluated as to determine the fulfillment of particular security properties, to a certain extent or assurance.
Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements through the use of protection profiles; vendors, in turn, can then implement and/or make claims about the security attributes of their products; testing laboratories can evaluate the products to determine if they actually meet the claims.
In other words, Common Criteria provides an assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use.
Common Criteria is used as the basis for a Government driven certification scheme and typically evaluations are conducted for the use of Federal Government agencies, the military and critical infrastructure.