Common Criteria


(Common Criteria for Information Technology Security) An international standard process for defining security objectives and for evaluating compliance with those objectives. The Common Criteria have largely replaced the Trusted Computer Security Evaluation Criteria (TCSEC), the Canadian Trusted Computer Product Evaluation Criteria (CTCPEC) and the European Information Technology Security Evaluation Criteria (ITSEC). See NCSC.

The Common Criteria comprise an extremely comprehensive program that is made up of many parts. For example, the Mutual Recognition Arrangement (MRA) is an informal agreement among countries that accepts the results of each other's security testing and evaluations. The U.S. signatories, NSA and NIST, working jointly for the National Information Assurance Partnership (NIAP), have developed an informal standard called the Common Criteria Evaluation and Validation Scheme (CCEVS). CCEVS summarizes all the standards used by the U.S. in order to conform to the Common Criteria.
References in periodicals archive
0 to help them grapple with the heightened demands for secure Web access, and delivery becomes increasingly complex, organizations can feel secure that they can verify the evaluation level certification to the EAL 3+ of the Common Criteria scheme, as defined by ISO/IEC 15408, which addresses product functionality, development environment, documentation, and product testing measures.
Common Criteria provides a broad range of evaluation criteria for commercial and nationally sensitive government-use IT security products.
The Common Criteria evaluation was performed in accordance with both the international Common Criteria standards (ISO/IEC 15408) and the guidance provided by the Common Criteria Evaluation and Validation Scheme (CCEVS), known as the National Information Assurance Partnership (NIAP), an organization managed jointly by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).
Recognized in 25 countries, Common Criteria is a set of internationally approved guidelines for evaluating and certifying the information security of IT products and information systems.
Common Criteria is an internationally recognized independent security certification recognized by governments in 26 countries across Europe, Australasia, Asia and North America.
3 with the added confidence that they meet the security standards set forth through Common Criteria.
Common Criteria was developed through collaboration among national security and standards organizations within Canada, France, Germany, the Netherlands, the United Kingdom and the United States, as a common standard to replace their existing security evaluation criteria.
CC product evaluations are conducted by accredited independent test labs known as Common Criteria test labs or CCTLs.
The Common Criteria evaluation technical reports produced by testing laboratories and validated by the NIAP CCEVS Validation Body are recognized by 14 other countries currently participating with the United States in the Arrangement on the Recognition of Common Criteria Certificates in the Field of Information Technology Security, signed during the First International Common Criteria Conference in May 2000.
Common criteria is an IT security evaluation method created by the International Organization for Standardization (ISO).
a leader in network visibility and security intelligence, today announced that its StealthWatch System has achieved Common Criteria Evaluation Assurance Level 1 (EAL1) certification under the Communications Security Establishment Canada (CSEC) Scheme.
Peter Cox, International Vice President of BorderWare Technologies, comments, "This award is the third Common Criteria EAL4+ certification gained by BorderWare Technologies, an achievement unbeaten by any other firewall vendor.