Examining the Common Criteria Toolkit
by John Morris, president and co-founder of Corsec Security, Inc.
In our last two articles, we covered FIPS 140-2 and Common Criteria at a high level, and then looked into what’s actually involved in getting a FIPS 140-2 validation. In this article, we’ll delve further into Common Criteria evaluations, what’s involved, and how they are used by vendors and purchasers.
What exactly is Common Criteria? Common Criteria is an internationally accepted language for writing security standards, by which a vendor describes their products’ security functionality and then offers proof that it actually delivers those features specified. Common Criteria can be applied to hardware, software, or firmware products, alone or combined. Again, the evaluation does not focus on the entire product, but only on its security components as outlined by the vendor.
There are 1898 words in the rest of this article …
Library Access Required
Library subscribers have access to the full archives of more than 10,000 original news items and feature articles published by AVISIAN’s suite of ID technology publications (ContactlessNews.com, CR80News.com, DigitalIDNews.com, FIPS201.com, NFCNews.com, RFIDNews.org, SecureIDNews.com, and ThirdFactor.com).
For just $99, you receive unlimited password-protected access to content on all of AVISIAN’s sites for an entire year. Your subscription helps fund the continued creation of independent, insightful content. Find out more.
Sign in as a Subscriber
If you are already a subscriber, you may sign in now. Enter your Email Address and Password and click Sign In.
If you have forgotten your password, enter just your Email Address, and click Send Password.
