1 / 9

Update on the Spanish Evaluation and Certification Scheme Luis Jiménez

Update on the Spanish Evaluation and Certification Scheme Luis Jiménez Head of the Certification Area Certification Body National Cryptologic Center National Intelligence Centre organismo.certificacion@cni.es. Facts and figures 2006-2007 Ongoing support to the CC/CEM

adrina
Download Presentation

Update on the Spanish Evaluation and Certification Scheme Luis Jiménez

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Update on the Spanish Evaluation and Certification Scheme • Luis Jiménez • Head of the Certification Area • Certification Body • National Cryptologic Center • National Intelligence Centre • organismo.certificacion@cni.es

  2. Facts and figures 2006-2007 • Ongoing support to the CC/CEM • Trends and perspectives • Contact data

  3. Facts and figures 2006-2007 We hosted the 2006 7th ICCC, as a compliment to the then just recently approved recognition of Spain as a Certificate Authorizing member of the CCRA. Since then: We passed the EN 45011 audit, and were accredited by ENAC as a certification body compliant with requirements of this standard, complementing the roles and responsibilities emanating from our legal framework with those applicable to EN 45011 certification bodies. In particular, this has let us work with a better fit under the digital signature national regulation.

  4. Facts and figures 2006-2007 We licensed the second evaluation facility, and received an application for a third laboratory, which is about to finish the licensing process: CESTI/INTA * Security level: CLASIFICADO * Evaluation standards and levels: o ITSEC, E4; o Common Criteria/Common Evaluation Methodology, EAL4+. LGAI Technological Center S.A. * Security Level: NO CLASIFICADO * Evaluation standards and levels: o Common Criteria/Common Evaluation Methodology, EAL4+. Epoche and Espri S.L.U. (*) * Security Level: CLASIFICADO * Evaluation standards and levels: o ITSEC, E3; o Common Criteria/Common Evaluation Methodology v3.1, EAL4+. (*) Undergoing the licensing process

  5. Facts and figures 2006-2007 We have certified the security of nine products, and fourteen more are currently under evaluation. Some of these are being carried out using the ITSEC/ITSEM standards.

  6. Ongoing support to the CC/CEM We have been supporting the CC by providing resources to the maintenance of the standard both at the CC and ISO. Our support will be maintained for 2008 and beyond, seeking to contribute to the making of CC/CEM v4.0, aka “El dorado”. For the last three years Spain has been sponsoring the familiar www.commoncriteriaportal.org. This will be maintained, but we plan to make it the central ISO/IEC PP registry, in accordance with ISO/IEC 15292 -- Information technology -- Security techniques – Protection profile registration procedures

  7. Trends and perspectives The culture of requiring IT with certified security is catching up in Spain. Some initiatives in the area of digital signature, and specially related to the national electronic id card are about to boost the demand of certified applications and devices. The CCN is both taking measures to improve the efficiency of the licensed labs and planning ahead its own capabilities to cope with this expected boost.

  8. Contact data Find the web site of the Scheme at www.oc.ccn.cni.es

  9. Question welcomed • Luis Jiménez • Head of the Certification Area • Certification Body • National Cryptologic Center • National Intelligence Centre • organismo.certificacion@cni.es

More Related