Common Criteria


Also found in: Medical, Acronyms, Wikipedia.

Common Criteria

The Common Criteria for Information Technology Security Evaluation (CC) is part of an international agreement for defining security objectives using agreed-upon terminology, for evaluating compliance with those objectives and for certifying products. The Common Criteria (CC) includes the Common Methodology for Information Technology Security Evaluation (CEM), which defines the minimum actions to conduct a CC evaluation. The Common Criteria Recognition Arrangement (CCRA) is an agreement whereby nations agree to accept the results of each other's security testing and evaluations.

The U.S. signatories, NSA and NIST, working jointly for the National Information Assurance Partnership (NIAP), have developed the Common Criteria Evaluation and Validation Scheme (CCEVS), which summarizes all the standards used by the U.S. that conform to the Common Criteria. For more information, visit www.commoncriteriaportal.org/cc and www.commoncriteriaportal.org/ccra.

The Common Criteria have largely replaced the Trusted Computer Security Evaluation Criteria (TCSEC), the Canadian Trusted Computer Product Evaluation Criteria (CTCPEC) and the European Information Technology Security Evaluation Criteria (ITSEC).
References in periodicals archive ?
0 to help them grapple with the heightened demands for secure Web access, and delivery becomes increasingly complex, organizations can feel secure that they can verify the evaluation level certification to the EAL 3+ of the Common Criteria scheme, as defined by ISO/IEC 15408, which addresses product functionality, development environment, documentation, and product testing measures.
Common Criteria provides a broad range of evaluation criteria for commercial and nationally sensitive government-use IT security products.
The Common Criteria evaluation was performed in accordance with both the international Common Criteria standards (ISO/IEC 15408) and the guidance provided by the Common Criteria Evaluation and Validation Scheme (CCEVS), known as the National Information Assurance Partnership (NIAP), an organization managed jointly by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).
Recognized in 25 countries, Common Criteria is a set of internationally approved guidelines for evaluating and certifying the information security of IT products and information systems.
Common Criteria is an internationally recognized independent security certification recognized by governments in 26 countries across Europe, Australasia, Asia and North America.
3 with the added confidence that they meet the security standards set forth through Common Criteria.
Common Criteria was developed through collaboration among national security and standards organizations within Canada, France, Germany, the Netherlands, the United Kingdom and the United States, as a common standard to replace their existing security evaluation criteria.
CC product evaluations are conducted by accredited independent test labs known as Common Criteria test labs or CCTLs.
The Common Criteria evaluation technical reports produced by testing laboratories and validated by the NIAP CCEVS Validation Body are recognized by 14 other countries currently participating with the United States in the Arrangement on the Recognition of Common Criteria Certificates in the Field of Information Technology Security, signed during the First International Common Criteria Conference in May 2000.
Common criteria is an IT security evaluation method created by the International Organization for Standardization (ISO).
a leader in network visibility and security intelligence, today announced that its StealthWatch System has achieved Common Criteria Evaluation Assurance Level 1 (EAL1) certification under the Communications Security Establishment Canada (CSEC) Scheme.
Peter Cox, International Vice President of BorderWare Technologies, comments, "This award is the third Common Criteria EAL4+ certification gained by BorderWare Technologies, an achievement unbeaten by any other firewall vendor.