Bangalore, India,17-18 December 2012 Sustainable Broadband Communications: International Perspective – Common Criteria David Martin, Head of International.

Slides:

Advertisements

Similar presentations

National Information Assurance Partnership Paul Mansfield January 2013

Advertisements

BS 8903 Your route to full competence. About BS 8903 BS 8903 is the first standard in the world to define and describe best practice in sustainable procurement.

Digital Agenda Unleashing the Potential of Cloud Computing in Europe Ken Ducatel Head of Unit Software and Services, Cloud European Commission (Directorate.

European e-Competence Framework 1.0 A common European framework for ICT Professionals in all industry sectors

Connect. Communicate. Collaborate TNC Bruges, 22 May 2008 GÉANT2: The Good the Bad and the Ugly - What worked and what didn’t work? Robin G. Arak.

Developments in Consumer/Customer Needs Related to Whey Based Products Richard Field, Orrani Consulting 1.

Janet Leach Head of Enfield’s Joint Service for Disabled Children Susan Tanner Head of Commissioning and Joint Planning Department for Children and Education.

The RTN New Skills 4 Green Jobs UK Workshop University of Exeter Monday July 9 th 2012.

CERN Summary Ian Bird eInfrastructure Workshop 9 December, 2003.

IT Security Evaluation By Sandeep Joshi

The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.

October 3, Partnerships for VoIP Security VoIP Protection Profiles David Smith Co-Chair, DoD VoIP Information Assurance Working Group NSA Information.

Supporting Further and Higher Education Building the UK National Information Environment - Lessons from the Past and Pointers To the Future Norman Wiseman.

The Householder Appeals Service Making it easier, simpler and quicker Sean Canavan Head of Quality and Special Projects.

Common Criteria National Information Assurance Partnership Evaluation of Mobile Technology Janine Pedersen 1.

SMART GRID DEVICES SECURITY CERTIFICATION

Presentation By: Chris Wade, P Eng. Finally … a best practice for selecting an engineering firm.

Developing ‘Virtual Communities’ within CAMHS services Mark Johnson – Director of Informatics – Mental Health Strategies Atif Ali – Project Manager, Greater.

1 Stanford Archival Repository Project Brian Cooper Arturo Crespo Hector Garcia-Molina Department of Computer Science Stanford University.

EVALUATION AND QUALITY ASSURANCE STRATEGY PRESENTED BY DR SHYAM PATIAR.

National Information Assurance Partnership NIAP 2000 Building More Secure Systems for the New Millenium sm.

Documenting Network Design

ISO 9001:2015 Revision overview - General users

International Aerospace Quality Group The Initiatives of the International Aerospace Quality Group (IAQG) Steve Shepherd ~ European Sector Leader.

LXI Standard – Current and Future David Owen – Pickering Interfaces TC Chair LXI Consortium LXI – “It’s About Your Time”

DG Environment Green Public Procurement in UK Green public procurement (GPP) - Lead the change National Conference Barbara Morton 08 April 2010 Vilnius,

IWCE Conference - Project 25 Compliance Assessment Program and Beyond Wednesday, March 26, 2014 – 4:15-5:30 PM Chris Essid Deputy Director DHS Office of.

Atlanta Public Schools Project Management Framework Proposed to the Atlanta Board of Education to Complete AdvancED/SACS “Required Actions” January 24,

2012 Joint Guideline Launch GUIDELINE FOR RAW MATERIALS GOOD SUPPLIER PRACTICE.

Watertown Public Schools School Committee June 24, 2013 Jean M. Fitzgerald, Ed.D. Superintendent Report on Goals.

© 2011 Mobile VCE The Virtual Centre of Excellence ::industry led:: ::research, innovation & application::

EU Project Croatia 12 th May 2011 UK Sector Skills Councils, working together.

European Broadband Portal Phase II Application of the Blueprint for “bottom-up” broadband initiatives.

1 Omissions and errors in the CC Who got it right? 8ICCC Denise Cater.

Copyright 2001 Prentice-Hall, Inc. Essentials of Systems Analysis and Design Chapter 3 Systems Planning and Selection 3.1.

Commissioning Self Analysis and Planning Exercise activity sheets.

Serco Internal Northern Ireland Presented by Gurbux Singh & Martin Eves 16 October 2012.

Forum on Greening Mobile Devices: Building Eco-Rating Schemes Daniela Torres Global Head of Green ICT & Environment, Telefónica S.A Associate Rapporteur.

20th AIAA Advanced Measurement and Ground Testing Technology Conference Lessons Learned in AIAA Working Group Development E. Allen Arrington Dynacs/NASA.

Bangalore, India,17-18 December 2012 Sustainable Broadband Communications: International Perspective – Common Criteria David Martin, Head of International.

Bangalore, India,17-18 December 2012 Day 1 – Highlights & Way Forward Kiritkumar P. LATHIA, C.Eng., Fellow IET Consultant, CTiF, Aalborg University, DK.

Bangalore, India,17-18 December 2012 METHODOLOGIES TO ASSESS THE ENVIRONMENTAL IMPACTS OF ICT KEVIN J HOUSTON, CEO CARBON MASTERS Member of Independent.

Framework for the Creation of Digital Knowledge Resources to meet the Challenges for Digital Future: A Librarian’s Perspective Dr. Harish Chandra Librarian.

Jackie Voss Manager, Global Standards Development ATIS All-IP Transition Initiatives September 30, 2015.

GSC-19 Meeting, July 2015, Geneva Guest Presentation by ISO and IEC Henry Cuschieri, ISO Gilles Thonet, IEC Jim MacFie, JTC 1 Document No:GSC-19_009.

A Discussion with the Central Asia Delegation January 2013 Dick Adams, Executive Director.

Digital Agenda Unleashing the Potential of Cloud Computing in Europe Ken Ducatel Head of Unit DG Connect, Software and Services, Cloud 05 December 2012.

1 Title: Introduction to Computer Instructor: I LTAF M EHDI.

1 Using Common Criteria Protection Profiles. 2 o A statement of user need –What the user wants to accomplish –A primary audience: mission/business owner.

DOCUMENT #:GSC15-PLEN-82r2 FOR:Presentation SOURCE:ATIS AGENDA ITEM: PLEN 6.14 CONTACT(S): Andrew White ATIS’

1 Not So Strange Bedfellows: Information Standards For Librarians AND Publishers November 6, 2015.

GISFI_Scope of Standardization ITU Workshop on Standards and IPR Issues, New Delhi 1 IPR Issues: A GISFI Perspective ITU Workshop on Standards and IPR.

International Aerospace Quality Group The Initiatives of the International Aerospace Quality Group (IAQG) Steve Shepherd ~ European Sector Leader.

2015 NetSymm Overview NETSYMM OVERVIEW December

“The changing data market” David Jellings Director, The OPEN BIM Network.

Standardisation in India Arun Golas DDG (T&A) TEC, DoT, India Joint ITU-GISFI Workshop on “Bridging the Standardization Gap: Workshop on.

Security WG: Report of the Fall 2003 Meeting October 28, 2003 Howard Weiss, NASA/JPL/SPARTA.

Mobile Broadband B3G for Professionals By Alan Dearlove Radtel Services and Steffen Ring Director, M.Sc.E.E. Chairman Project MESA Steering Committee.

9 th International Common Criteria Conference Report to IEEE P2600 WG Brian Smithson Ricoh Americas Corporation 10/24/2008.

© 2006 Open Grid Forum Geoffrey Fox Board Review April OGF eScience Function.

Innovation and Development in Official Statistics: communicating for users #DigitalDay Michael Hardie, Office for National Statistics.

EIAScreening6(Gajaseni, 2007)1 II. Scoping. EIAScreening6(Gajaseni, 2007)2 Scoping Definition: is a process of interaction between the interested public,

1 Presented by David Thompson, TIA December 14, 2005 NFPA 1600 and Emergency Communications.

SAE Cybersecurity Standards Activity

Alhad Kuwadekar , Khalid Al-Begain

Cyber Risk Presentation to the Board of Directors

9th International Common Criteria Conference Report to IEEE P2600 WG

Title of presentation Verdana 32

From the Evidence Analysis to the Creation of Evidence Based Guidelines 1.

Technical Guidelines for the Development of International Standards for Small Hydropower Plants DONG Guofeng ICSHP 7 November, 2018.

Presentation transcript:

Bangalore, India,17-18 December 2012 Sustainable Broadband Communications: International Perspective – Common Criteria David Martin, Head of International Assurance, Common Criteria Scheme Director, CESG, UK, Joint ITU-GISFI Workshop on “Bridging the Standardization Gap: Workshop on Sustainable Rural Communications” (Bangalore, India, December 2012)

David Martin Involved in Information Assurance Standards for many years Chair of International Common Criteria Development Board Scheme Director for the UK Common Criteria Scheme (operated by UK government) Representing UK Scheme - reporting on new CC vision statement Bangalore, India,17-18 December

3 Common Criteria - Background Standards for Assurance of IT Product Security 26 Nations (more to come) 16 Nations evaluate/certify products Also an ISO standard (15408 and 18045) Run by a Management Committee (with an executive to support) and a Development Board

Bangalore, India,17-18 December Common Criteria – The Value Manufacturers do not have to evaluate products in multiple places. Evaluation is very expensive in time and money Good cyber defence (and sustainable telecom) needs many more products evaluated All nations agree and procure to the common standard Industry involvement (CCUF)

Bangalore, India,17-18 December Common Criteria – New Vision – Rationale -1 CC usage has been little changed for more than 12 years A number of nations found that:- The focus on ‘assurance level (EAL)’ was damaging product security Not enough products are evaluated - Cyber defence needs many more Expertise is applied in the wrong place, inconsistently, and without wide peer review.

Bangalore, India,17-18 December Common Criteria – New Vision – Rationale -2 Smartcard Community has developed a very effective way of using CC Work has taken place to support a similar approach for general IT products Resulting in the CCMC (management Committee) vision statement – published in September 2012

Bangalore, India,17-18 December For more information Common Criteria Portal: The vision statement links from the front page Other links show the products, schemes, operating documents etc. Also see CCUF at

Existing Approach Bangalore, India,17-18 December

New Approach Bangalore, India,17-18 December

Technical Communities Bangalore, India,17-18 December

Meeting virtually Bangalore, India,17-18 December

Much quicker and more effective Bangalore, India,17-18 December

Bespoke design/evaluation Bangalore, India,17-18 December

Better to have known standards Bangalore, India,17-18 December

Other Important developments Common view on cryptography Security Configuration Automation Strong Linkage to Vulnerability/Weakness reporting Supply Chain working group Consistent Government Procurement (and other major users) – addressing what ‘recognition’ really means Bangalore, India,17-18 December

Common support for procurement Bangalore, India,17-18 December

Bangalore, India,17-18 December Common Criteria – New Vision – Summary More assurance than a simple ‘EAL approach’ Uses worldwide expertise, instead of relying on single ‘expert’ Open, Transparent, Repeatable – as befitting an International Standard Step change in volume – better for cyberdefence Lowers procurement costs

Bangalore, India,17-18 December What does this mean for Sustainable Broadband Communications? More assurance (Ignore ‘EAL’ look at what is assured) More responsive Lower cost Wider range and choice of products Uses worldwide expertise, instead of relying on single ‘expert’ Open, Transparent, Repeatable – as befitting an International Standard

Bangalore, India,17-18 December Further detail First International Technical Community about to launch – based on USB storage device Many more to follow next year Already many TCs exist (mostly US based)

Example TC Areas Networking (NDPP, Firewalls, VPNs, etc) Storage (USB, Hard disks, etc) Applications on Operating systems Mobile telecoms (VOIP, SIP, MDM, etc) Multifunction devices (printers etc.) Bangalore, India,17-18 December

Bangalore, India,17-18 December Telecoms Applicability 3gPP discussion – potential development of cPPs Could extend to system approaches Key is to have the real technical expertise setting the standards CCRA maintains the fairness, the reliability/reputation, and the worldwide recognition for vendors

Conclusions and Recommendations Bangalore, India,17-18 December