The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1.
Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner.
Read more about Common Criteria: Key Concepts, History, Testing Organizations, Mutual Recognition Arrangement, List of Abbreviations, Alternative Approaches
Famous quotes containing the words common and/or criteria:
“A person of definite character and purpose who comprehends our way of thought is sure to exert power over us. He cannot altogether be resisted; because, if he understands us, he can make us understand him, through the word, the look, or other symbol, which both of us connect with the common sentiment or idea; and thus by communicating an impulse he can move the will.”
—Charles Horton Cooley (1864–1929)
“The Hacker Ethic: Access to computers—and anything which might teach you something about the way the world works—should be unlimited and total.
Always yield to the Hands-On Imperative!
All information should be free.
Mistrust authority—promote decentralization.
Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
You can create art and beauty on a computer.
Computers can change your life for the better.”
—Steven Levy, U.S. writer. Hackers, ch. 2, “The Hacker Ethic,” pp. 27-33, Anchor Press, Doubleday (1984)