The Common Criteria
J. McDermott, Center for High Assurance Computer Systems, Naval Research Laboratory
Evaluations, Certifications, and Accreditations
Security Functional Requirements
Class ACM: Configuration Management
Class ADO: Delivery and Operation
Class AVA: Vulnerability Assessment
INTRODUCTION
The Common Criteria is a framework for comparing the technical security of as-built products. The term product is used in a general way, to include any information technology component that might be constructed, not just those that may be for sale. Products are expected to be primarily software but the Common Criteria is not limited to software. By long-established convention, the Common Criteria is referred to as though it were a single document rather than a plural collection of criteria.
The Common Criteria framework (Common Criteria Project Sponsoring Organizations, 2000a, 2000b, 2000c) is used to define a set of criteria for measuring a single product. Different products that satisfy various requirements from the Common Criteria may then be compared against the criteria they have in common. The Common Criteria framework ...
Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with the O’Reilly learning platform.