Common Criteria

Common Criteria Ravi Sandhu

Common Criteria • International unification • CC v2.1 is ISO 15408 • Flexibility • Separation of • Functional requirements • Assurance requirements • Marginally successful so far • v1 1996, v2 1998, widespread use ???

Common Criteria

Class, Family, Component, Package

Security Functional Requirements

Security Assurance Requirements

Evaluation Assurance Levels (EALs) Security can be retrofitted Security must be designed in Impractical except for simplest systems

Evaluation Assurance Levels (EALs) Black box evaluation Grey box evaluation White box evaluation

Evaluation Assurance Levels (EALs)

Common Criteria

Common Criteria

Presentation Transcript

An Overview of Common Criteria Protection Profiles

Common Criteria

Western Electricity Coordinating Council Common Corridor Criteria

Common Criteria Background

Sustainable Broadband Communications: International Perspective – Common Criteria

A Security Business Case for the Common Criteria

Common Criteria

Common Criteria V3 Overview

Workshop 5: Common Criteria

Maastricht Convergence Criteria - When to Adopt Common Currency?

Common Criteria Protection Profiles for PKI Products

A Common Criteria Authoring Environment Supporting Composition *

Common Criteria Recognition Arrangement

Evaluation of Grid Security Solutions using Common Criteria

Common Criteria

Mapping TCSEC to Common Criteria

The Value of Common Criteria Evaluations

Sustainable Broadband Communications: International Perspective – Common Criteria