|
|
|
 |
||||||||||||||||||||||||||||||||||
Gamma has enjoyed a long and fruitful association with the Common Criteria (ISO/IEC 15408) since its inception, having provided the only non-government member of the ISO standardisation committee and having helped to develop the ITSEC; one of the three security evaluation criteria that were used to create the Common Criteria. Click here to learn about the latest developments in ISO SC27 WG3 or how to obtain a free but still legal copy of the Guide to the Development of Protection Profiles and Security Targets (PPST Guide). Essentially, the Common Criteria facilitate the means to confirm that particular security features of some Target of Evaluation (TOE), which is usually an IT product, have:
This evaluation is predicated on a detailed examination of the construction of the TOE, commensurate with some given level of confidence (often specified as a Common Criteria "Evaluation Assurance Level"). The Common Criteria Recognition Arrangement facilitates the means for the nominated authority in one country to formally accept Common Criteria evaluations that have been certified in another country, and is singularly responsible for the dramatic uptake of interest in the Common Criteria by Visa and MasterCard at the turn of the century. There is now a regular International Common Criteria Conference; the 8th was held in September in Rome. We regularly present some aspect of our Common Criteria work at these conferences. Click here to learn about our work, using the Common Criteria in the area of smart cards. |
|||||||||||||||||||||||||||||||||||
|
