1 / 9

Update on U.S. Common Criteria Evaluation & Validation Scheme

Explore the latest developments and future plans of the U.S. CCEVS program, including lab accreditations, product evaluations, and the fee-for-service model implementation.

nysa
Télécharger la présentation

Update on U.S. Common Criteria Evaluation & Validation Scheme

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. U.S. Common CriteriaEvaluation & Validation Scheme (CCEVS)Update25 September 2007 Audrey M. Dale Director, NIAP CCEVS

  2. Agenda • The U.S. Scheme this past year • Current status of the U.S. Scheme • The U.S. Scheme in the upcoming year

  3. The U.S. Scheme This Past Year • Program resources severely constrained - Validation process revised – Validation Oversight Reviews (VORs) instead of continuous oversight - Only accepted Medium or High Robustness PP compliant products - Validator resources reduced by 50% • Initiated work on fee-for-service model for validation oversight - Government legislation changed to allow fee collection - Proposed fee schedule posted for comment

  4. Current Status of the U.S. Scheme • Common Criteria Testing Labs (CCTLs) • 8 accredited labs • 3 candidate labs • Products (Aug 07) • 149 products “in evaluation” • 210 product certificates issued to date • Protection Profiles (PPs) • 42 Validated PPs -- 24 U.S. Government PPs being converted to CC V3.1 -- 8 of the U.S. Government PPs are being sun-setted

  5. Current Status of the U.S. Scheme Common Criteria Testing Labs • Booz Allen Hamilton Linthicum, Maryland • Arca Sterling, Virginia • atsec Austin, Texas • COACT, Inc. Columbia, Maryland • Computer Sciences Corp. Annapolis Junction, MD • CygnaCom Solutions, Inc. McLean, Virginia • InfoGard Laboratories, Inc. San Luis Obispo, CA • Science Applications Int’l Corp. Columbia, MD Plus 3 Candidate Labs (BKP, BT, DIAL) Sep 07

  6. Current Status of U.S. Scheme Products 210 Completed Evaluations 149 Evaluations in Progress

  7. The U.S. Scheme in the Upcoming Year • Implement fee-for-service model for validation oversight • Continue to maintain program with constrained resources • Focus on PP compliant and EAL4 evaluations • Research and implement additional methods for increasing the efficiency, consistency and customer value of evaluations • Continue reductions in validation oversight while maintaining quality of evaluations and meeting the requirements for Mutual Recognition • Increase validator training & interaction to help maintain consistency of evaluations • Continue investigating the use of tools

  8. Questions ? NIAP CCEVS Website containing U.S. CC program information to include all U.S. CC evaluated products, products currently “in-evaluation,” Protection Profiles, and accredited U.S. CC testing labs www.niap-ccevs.org The National Information Assurance Partnership / Common Criteria Evaluation and Validation Scheme ®

  9. Contact Information Audrey M. Dale Director, NIAP CCEVS National Security Agency 9800 Savage Road Fort George G. Meade, MD 20755 U.S.A Telephone: +1 410-854-4458 amdale@missi.ncsc.mil

More Related