Common Criteria for Information Technology Security Evaluation

The Common Criteria for Information Technology Security Evaluation (CC) were compiled by governmental agencies from Canada, France, Germany, Great Britain, the Netherlands and the United States of America, with the stated goal of establishing a uniform, internationally recognized set of IT security criteria. The project began in 1993, and it took almost three years before the first CC version was approved and released. The currently used version, 2.1, is also the International Standards Organization's (ISO) International Standard #15408.

The Common Criteria encompass the internationally recognized standards and methodology for the evaluation of the security properties of practically all information technology products and systems, and are formally recognized by 18 countries. Two main advantages of deploying a product that has a CC certification are:

• The product is officially assured to provide the security its makers say it does. Many vendors make unsubstantiated claims as to the performance and security of their products: if a product is CC-certified, you know it achieves the level of security the certificate states.

• As the CC certificate is internationally recognized, the product can be deployed in several countries without having to be evaluated for security purposes again, saving time and money, for example, when internationally active enterprises make changes in their IT/security infrastructures.

For detailed information on the Common Criteria, follow the link below:

National Institute of Standards and Technology: Computer Security Division

News Overview

Further information:

HOB
Joseph Roden
Tel: +49 9103 715-246
E-mail: Marketing@hobsoft.com

webmaster@hobsoft.com, Last Updated: 03-Jul-07