Alternative Approaches
Throughout the lifetime of CC, it has not been universally adopted even by the creator nations, with, in particular, cryptographic approvals being handled separately, such as by the Canadian / US implementation of FIPS-140, and the CESG Assisted Products Scheme (CAPS) in the UK.
The UK has also produced a number of alternative schemes when the timescales, costs and overheads of mutual recognition have been found to be impeding the operation of the market:
- The CESG System Evaluation (SYSn) and Fast Track Approach (FTA) schemes for assurance of government systems rather than generic products and services, which have now been merged into the CESG Tailored Assurance Service (CTAS)
- The CESG Claims Tested Mark (CCT Mark), which is aimed at handling less exhaustive assurance requirements for products and services in a cost and time efficient manner
In early 2011, NSA/CSS published a paper by Chris Salter, which proposed a Protection Profile oriented approach towards evaluation. In this approach, communities of interest form around technology types which in turn develop protection profiles that define the evaluation methodology for the technology type. The objective is a more robust evaluation. There is some concern that this may have a negative impact on mutual recognition.
Read more about this topic: Common Criteria
Famous quotes containing the words alternative and/or approaches:
“Education must, then, be not only a transmission of culture but also a provider of alternative views of the world and a strengthener of the will to explore them.”
—Jerome S. Bruner (20th century)
“The Oriental philosophy approaches easily loftier themes than the modern aspires to; and no wonder if it sometimes prattle about them. It only assigns their due rank respectively to Action and Contemplation, or rather does full justice to the latter. Western philosophers have not conceived of the significance of Contemplation in their sense.”
—Henry David Thoreau (1817–1862)