APEC  

APEC
Home Customize Instructions Contact Category 5 Category 6 Category 7
Seminal Papers Seminal Talks Common Criteria Professional Certification

General Interest

Papers from past seminars, explanation of the Common Criteria standards, and Professional Certification.

 

What is the Common Criteria?

ISO/IEC 15408-1:1999

Information Technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model.

Part 1 defines general concepts and principles of IT security evaluation and presents a general model of evaluation. This part also presents the constructs for expressing IT security objectives, for selecting and defining IT security requirements, and for writing high-level specifications for products and systems. In addition, it provides the usefulness of each part of the Common Criteria in terms of each of the target audiences.

ISO/IEC 15408-2:1999

Information Technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional requirements.

This part establishes a set of security functional components as a standard way of expressing the security requirements for IT products and systems. The catalog is organized into classes, families, and components.

ISO/IEC 15408-3:1999

Information Technology - Security Techniques - Evaluation Criteria for IT Security - Part 3: Security Assurance Requirements.

This part produces a catalog of establishes set of assurance components that can be used as a standard way of expressing the assurance requirements for IT products and systems. The Part 3 catalog is organized into the same class - family - component structure. Part 3 also defines evaluation criteria for PPs and STs. Part 3 presents the seven Evaluation Assurance Levels (EALs), which are predefined packages of assurance components that make up the Common Criteria scale for rating confidence in the security of IT products and systems.

Common Criteria tools are available from the National Information Assurance Program.  The drop-down list to the left shows all available downloads, or you can visit the NIAP page directly at this link.

 


NEWS

NEW Training Links

Certification

Training - Paid

Training - Free

This site is supported by NIATEC and the Informatics Research Institute

 It is a partnership with government and industry to develop standards for experiential learning programs and apprenticeships

.

APEC Progress Reports.

SEC Site

Vender

APEC
APECTEL 28

Suggestions and Materials Submissions are always welcome.  Please send to this link.

 

NIATEC
Idaho State University
Pocatello, Idaho

 

 

General Interest | Written Content | Academics | Links | Curriculum | Publications

All material on this site is copyright unless otherwise noted.
Please respect the authors rights by requesting permission for use and ensuring proper attribution and credit.