U.S. Common Criteria Evaluation & Validation Scheme (CCEVS) Update 25 September 2007 Audrey M. Dale Director, NIAP CCEVS.

Slides:



Advertisements
Similar presentations
SMALL BUSINESS SHOWCASE COACT, Inc. is a Service Disabled Veteran Owned Small Business (SDVOSB). Niche Areas: Certification & Accreditation (C&A) FIPS140.
Advertisements

National Information Assurance Partnership Paul Mansfield January 2013
IEEE- P2600 PP Validation Suggested Process and Update Members: Ron Nevo, Brian Smithson, Alan Sukert, Farrell Lee October 2007.
Quality Label and Certification Processes Vienna Summit 11 April 2014 Karima Bourquard Director of Interoperability IHE-Europe.
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
IAPD – The Maryland Experience. Involve FNS from the start – Guidance – Knowledge – Updates Communicate Often Approvals.
The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.
Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.
The National Declassification Center Releasing All We Can, Protecting What We Must Public Interest Declassification Board NDC Project Update April 22,
October 3, Partnerships for VoIP Security VoIP Protection Profiles David Smith Co-Chair, DoD VoIP Information Assurance Working Group NSA Information.
Common Criteria National Information Assurance Partnership Evaluation of Mobile Technology Janine Pedersen 1.
8 November Common Criteria Protection Profiles and the NSA Strategy for Their Use Within the U.S. Department of Defense Louis.
November 9, NIST’s Role in Computer Security Ed Roback Computer Security Division NIST Information Technology Laboratory.
1 Integrating Information Security Into the Procurement Process for Large Systems MITRE © 2003 The MITRE Corporation. All rights reserved.
1 Terrie Diaz/ James Arnold 27 September 2007 Threats, Policies, and Assumptions in the Common Criteria What is the target of evaluation anyhow?
Auditor Competency David Brackston Technical Director BRC Global Standards.
1. Mutual Reliance of Food Testing Results Webinar presentation January 2014 Canadian Food Inspection Agency Corinne Pequignot
National Information Assurance Partnership NIAP 2000 Building More Secure Systems for the New Millenium sm.
1 Copyright © 2014 M. E. Kabay. All rights reserved. Standards for Security Products CSH5 Chapter 51 “Security Standards for Products” Paul J. Brusil and.
Central Texas Workforce Area Bell, Coryell, Hamilton, Lampasas, Milam Mills, and San Saba Counties Fort Hood.
An introduction to the National Voluntary Laboratory Accreditation Program Sally Bruce, Chief for the National Voluntary Laboratory Accreditation Program.
Copyright atsec information security, 2007 Bringing an Independent, Standards-Based Approach to Global IT Security Consulting and Product Evaluation Staffan.
Assurance Continuity: What and How? Nithya Rachamadugu September 25, 2007.
Annual Pupil Profile. 11 September 2003Review of Post Primary Education2 Ideas behind the Assessment Proposals Shift the emphasis to assessment for learning.
1 Anthony Apted/ James Arnold 26 September 2007 Has the Common Criteria Delivered?
A Security Business Case for the Common Criteria Marty Ferris Ferris & Associates, Inc
Updates on Korean Scheme IT Security Certification Center, National Intelligence Service The 8 th ICCC in Rome, Italy.
Top Emerging Community-Installation Partnership Ideas June 4, 2014.
VALUEOPTIONS® MARYLAND FRIDAY, MARCH 15, ValueOptions® Maryland is the partnership between the Department of Health and Mental Hygiene (DHMH)/Mental.
1 © Quality House QUALITY HOUSE The best testing partner in Bulgaria.
NMS Certification and Accreditation (C&A) Removal of Material Weakness for NMS Security and Access Controls Jim Craft USAID ISSO.
Sustaining Long Term Regional Coordinated Monitoring Programs Todd Running, H-GAC May 9, 2006.
U.S. General Services Administration Federal Technology Service November 9, 1999 Judith Spencer Director, Center for Governmentwide Security Office of.
MD Digital Government Summit, June 26, Maryland Project Management Oversight & System Development Life Cycle (SDLC) Robert Krauss MD Digital Government.
The Value of Common Criteria Evaluations Stuart Katzke, Ph.D. Senior Research Scientist National Institute of Standards & Technology 100 Bureau Drive;
Airport Land Project Certification System (ALPCS) Concept Model Rick Etter FAA, Office of Airport Planning & Programming Matthew Drake CSSI, Inc., Senior.
Page 1 ©1999 InfoGard Laboratories, Inc Centre for Applied Cryptographic Research workshop, Nov. 8, 1999 Third party evaluations of CA cryptographic implementations.
Developing Policy and Procedure Management System إعداد برنامج سياسات وإجراءات العمل 8 Safar February 2007 HERA GENERAL HOSPITAL.
Department of Defense Knowledge Fair Tim Young Office of Management and Budget September 27, 2007.
1 Commonwealth Project Management Division Bob Haugh Project Management Division November 15, 2010 Revision of.
The TNI National Environmental Laboratory Accreditation Board Update Daniel Hickman, NELAP Board Chair.
Other Party Management Team (OPMT) Status Briefing Americas Aerospace Quality Group (AAQG) Registration Management Committee (RMC) Tim Lee – Chair The.
November 14, 2011 Rhode Island.  Benefit Year Earnings (BYE): Root Causes Identified:  Agency Causes  Poorly worded messaging  Staff do not “Own Integrity”
11 Cap-and-Trade Auction Proceeds Funding Guidelines for Agencies that Administer California Climate Investments September
EU Public Procurement Learning Lab Pia Marconi Rome, 13th December 2004.
1 Using Common Criteria Protection Profiles. 2 o A statement of user need –What the user wants to accomplish –A primary audience: mission/business owner.
Fort George G. Meade KEMRON PBC Sites Near-Term Deliverables Update Operable Units 1, 3 and 5 Restoration Advisory Board Meeting March 17, 2011 KEMRON.
Emergency Planning and Preparedness Howard W. Levitin, M.D., FACEP Emergency Physician and Consultant Disaster Planning International Sue Losch Skidmore,
© Copyright 2007 Corsec Security, Inc. Corsec Security, Inc. FIPS and Common Criteria Validation Consultants.
Performance Management Training October , 2015 Grace Gorenflo, MPH, RN Principal Gorenflo Consulting, Inc.
IEEE P2600 Working Group CygnaCom Solutions Introduction Kris Rogers 25 April 2007.
GP Confidential GlobalPlatform’s Modular Approach to its Compliance and certification.
Using e-assessments Dublin – 13 October, 2005 Suzana Lopes – Director, Sales and Marketing Assessment Tomorrow.
Current MFRPS State Implementation Status February 3, :15 – 9:45 am Timothy Weigner Staff Director U.S. FDA Office of Regulatory Affairs, Office.
Dec. 6, 2010 Gum-Ho Choe Accreditation of Software Testing Working Group, APLAC Technical Committee.
9 th International Common Criteria Conference Report to IEEE P2600 WG Brian Smithson Ricoh Americas Corporation 10/24/2008.
Improving the Efficiency of Future Opportunity Bridging the Gap Between Veterans and Continuing Education An exploration into Customer Relationship Management.
Lab-Wide Earned Value Management System Project Oversight Committee Meeting September 11, 2008 Dean. Hoffer / Elaine McCluskey.
Accreditation, Strategic Planning, SPOL Implementation Sigrid Davison Associate Director, Analytics & Research, Office of Institutional Effectiveness Audrey.
CALIFORNIA WINE CLUB WWW. JAVICELLARS.COM. CALIFORNIA WINE CLUB.
Outline Securing your system before the IDS and some tools to help you
Partnerships for VoIP Security VoIP Protection Profiles
IEEE 2600 Protection Profile Group
8ICCC Update for IEEE P2600 Brian Smithson Ricoh Americas Corporation
9th International Common Criteria Conference Report to IEEE P2600 WG
The EU pilot programme on Environmental Technology Verification (ETV)
IEEE- P2600 PP Validation Suggested Process and Update
Yahoo Mail Technical Support Number USA
IT SECURITY EVALUATION ACCORDING TO HARMONIZED AND APPROVED CRITERIA
Presentation transcript:

U.S. Common Criteria Evaluation & Validation Scheme (CCEVS) Update 25 September 2007 Audrey M. Dale Director, NIAP CCEVS

Agenda The U.S. Scheme this past year Current status of the U.S. Scheme The U.S. Scheme in the upcoming year

The U.S. Scheme This Past Year Program resources severely constrained - Validation process revised – Validation Oversight Reviews (VORs) instead of continuous oversight - Only accepted Medium or High Robustness PP compliant products - Validator resources reduced by 50% Initiated work on fee-for-service model for validation oversight - Government legislation changed to allow fee collection - Proposed fee schedule posted for comment

Current Status of the U.S. Scheme Common Criteria Testing Labs (CCTLs) –8 accredited labs –3 candidate labs Products (Aug 07) –149 products “in evaluation” –210 product certificates issued to date Protection Profiles (PPs) –42 Validated PPs U.S. Government PPs being converted to CC V of the U.S. Government PPs are being sun-setted

Current Status of the U.S. Scheme Common Criteria Testing Labs 1.Booz Allen Hamilton Linthicum, Maryland 2.Arca Sterling, Virginia 3.atsec Austin, Texas 4.COACT, Inc. Columbia, Maryland 5.Computer Sciences Corp. Annapolis Junction, MD 6.CygnaCom Solutions, Inc. McLean, Virginia 7.InfoGard Laboratories, Inc. San Luis Obispo, CA 8.Science Applications Int’l Corp. Columbia, MD Plus 3 Candidate Labs (BKP, BT, DIAL) Sep 07

210 Completed Evaluations149 Evaluations in Progress Current Status of U.S. Scheme Products

The U.S. Scheme in the Upcoming Year Implement fee-for-service model for validation oversight Continue to maintain program with constrained resources –Focus on PP compliant and EAL4 evaluations Research and implement additional methods for increasing the efficiency, consistency and customer value of evaluations –Continue reductions in validation oversight while maintaining quality of evaluations and meeting the requirements for Mutual Recognition –Increase validator training & interaction to help maintain consistency of evaluations –Continue investigating the use of tools

Questions ? The National Information Assurance Partnership / Common Criteria Evaluation and Validation Scheme ® NIAP CCEVS Website containing U.S. CC program information to include all U.S. CC evaluated products, products currently “in-evaluation,” Protection Profiles, and accredited U.S. CC testing labs

Audrey M. Dale Director, NIAP CCEVS National Security Agency 9800 Savage Road Fort George G. Meade, MD U.S.A Telephone: Contact Information

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.