Common Criteria


Also found in: Medical, Acronyms, Wikipedia.

Common Criteria

The Common Criteria for Information Technology Security Evaluation (CC) is part of an international agreement for defining security objectives using agreed-upon terminology, for evaluating compliance with those objectives and for certifying products. The Common Criteria (CC) includes the Common Methodology for Information Technology Security Evaluation (CEM), which defines the minimum actions to conduct a CC evaluation. The Common Criteria Recognition Arrangement (CCRA) is an agreement whereby nations agree to accept the results of each other's security testing and evaluations.

The U.S. signatories, NSA and NIST, working jointly for the National Information Assurance Partnership (NIAP), have developed the Common Criteria Evaluation and Validation Scheme (CCEVS), which summarizes all the standards used by the U.S. that conform to the Common Criteria. For more information, visit www.commoncriteriaportal.org/cc and www.commoncriteriaportal.org/ccra.

The Common Criteria have largely replaced the Trusted Computer Security Evaluation Criteria (TCSEC), the Canadian Trusted Computer Product Evaluation Criteria (CTCPEC) and the European Information Technology Security Evaluation Criteria (ITSEC).
References in periodicals archive ?
Common Criteria provides a broad range of evaluation criteria for commercial and nationally sensitive government-use IT security products.
The Common Criteria evaluation was performed in accordance with both the international Common Criteria standards (ISO/IEC 15408) and the guidance provided by the Common Criteria Evaluation and Validation Scheme (CCEVS), known as the National Information Assurance Partnership (NIAP), an organization managed jointly by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).
The internationally recognized Common Criteria certification, awarded by the National Information Assurance Partnership (NIAP), means that these products have been evaluated by a neutral third party and meet RioRey's claims for security features and capabilities.
Mobile productivity and management software provider NetMotion Wireless announced on Monday the acceptance of its mobile VPN, Mobility XE, into the Common Criteria Evaluation and Certification Scheme programme by the Communications Security Establishment Canada.
Recognized in 25 countries, Common Criteria is a set of internationally approved guidelines for evaluating and certifying the information security of IT products and information systems.
3 with the added confidence that they meet the security standards set forth through Common Criteria.
Common Criteria was developed through collaboration among national security and standards organizations within Canada, France, Germany, the Netherlands, the United Kingdom and the United States, as a common standard to replace their existing security evaluation criteria.
CC product evaluations are conducted by accredited independent test labs known as Common Criteria test labs or CCTLs.
Common Criteria evolved out of a combination of the American Trusted Computer System Evaluation Criteria, and the European Information Technology Security Evaluation Criteria.
The Common Criteria evaluation technical reports produced by testing laboratories and validated by the NIAP CCEVS Validation Body are recognized by 14 other countries currently participating with the United States in the Arrangement on the Recognition of Common Criteria Certificates in the Field of Information Technology Security, signed during the First International Common Criteria Conference in May 2000.
Common criteria is an IT security evaluation method created by the International Organization for Standardization (ISO).
Peter Cox, International Vice President of BorderWare Technologies, comments, "This award is the third Common Criteria EAL4+ certification gained by BorderWare Technologies, an achievement unbeaten by any other firewall vendor.