Common Criteria

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1.

Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine whether they actually meet the claims. In other words, Common Criteria provides assurance that the specification, implementation and evaluation of a computer security product have been conducted in a rigorous and standard manner.
