MRL WikiMain Page | About | Help | FAQ | Special pages | Log in


Printable version | Disclaimers | Privacy policy

Common Criteria

From MRL Wiki

ISO/IEC 15408 or The Common Criteria (CC) is an international standard for information technology security. It provides complete methodology for specifying security requirements, designing a security architecture, and verifying the security of a final product. However, CC does not provide a fixed set of product security requirements required to receive the certification. Instead, it is a task of consumers to determine these requirements specific to their needs.

The standard considers several topics out of scope:

Contents

[edit] Major Components

[edit] Packages

Common Criteria defines a large array of packages. Packages are sets of components combined together to fullfil a specific security objective. They will be used as building blocks to assemble PPs and STs. Two types of packages exist:

[edit] CEM

The Common Methodology for Information Technology Security Evaluation (CEM) was created to provide guidance to evaluators on how to apply and interpet SARs so that evaluations are consistent and repeatable.

[edit] EAL

Evaluation Assurance Levels (EALs) is a grouping of assurance components that represens a point on the predefined assurance scale. The intent of EALs is to ensure that a TOE is not over or underprotected by balancing the level of assurance against cost, schedule, technical, and mission constraints. EALs range from 1 to 7, each progressive EAL adds new and higher assurance components as security objectives become more rigorous:

[edit] MRA

Common Criteria received international recognition in 24 countries. Mutual Recognition Arrangement (MRA) was signed to recognize Common Criteria awards certified by any member of this agreement. MRA helped avoid the pitfalls of previous methodologies where a single product had to be certified repeatedly to receive approval in countries with their own product security certification methodologies.

[edit] See Also

[edit] External Links

Retrieved from "http://www.midnightresearch.com/wiki/index.php/Common_Criteria"

This page has been accessed 3,774 times. This page was last modified on 21 June 2007, at 21:30.


Find

Browse
Main Page
Community portal
Current events
Recent changes
Random page
Help
Edit
Edit this page
Editing help
This page
Discuss this page
New section
Printable version
Context
Page history
What links here
Related changes
My pages
Log in / create account
Special pages
New pages
File list
Statistics
Moreā€¦