- CCEVS
Common Criteria Evaluation and Validation Scheme (CCEVS) is a
United States Government program administered by theNational Information Assurance Partnership (NIAP) to evaluateinformation technology (IT) product conformance to theCommon Criteria international standard .CCEVS Objectives
The CCEVS program is a partnership between the U.S. Government and industry to assist themselves and the consumers:
*Selectcommercial off-the-shelf (COTS) IT products which meet their respective security requirements
*Help manufacturers of IT products gain acceptance in the global marketplace
*Provide cost-effective evaluation of IT products
*Encourage the formation of commercial security and Common Criteria Testing Laboratories (CCTL )
*Develop of a private sector security testing industry
*Ensure that security evaluations of IT products are performed to consistent standards
*Improve the availability of evaluated IT productsCCEVS Validation Body
The Validation Body has the ultimate responsibility for the operation of the CCEVS in accordance with NIAP policies and procedures. Where appropriate it will interpret and amend those policies and procedures. The
NIST andNSA are responsible for providing sufficient resources to the NIAP so that the Validation Body may carry out its responsibilities.The Validation Body is led by a Director and Deputy Director selected by NIST and NSA management and other personnel include validators and technical experts in various technology areas.
The Validation Body ensures that appropriate mechanisms are in place to protect the interests of all parties within the CCEVS participating in the process of IT security evaluation.
Disputes brought forth by any participating party, i.e. the sponsor of an evaluation, product or
Protection Profile developer or CCTL concerning the operation of the CCEVS or any of its associated activities shall be referred to the Validation Body for resolution. .
Wikimedia Foundation. 2010.
