CSC Defines IT Security Assessments for Common Criteria & Cryptographic Modules

The Common Criteria for Information Technology (IT) Security Evaluation, also known as the ISO 15408 standard, is the current standard for specifying and evaluating the security features of IT products and networks. Common Criteria offers the first global standard for IT security evaluation andvalidation/certification fully endorsed by government bodies in participating countries. In addition, federal agencies, industry, and the public rely on cryptography for the protection of information and communications used in electronic commerce, critical infrastructure, and other application areas.

Cryptographic modules, which contain cryptographic algorithms, are used in products and systems to provide security services such as confidentiality, integrity, and authentication. Adequate testing and validation of the cryptographic module and its underlying cryptographic algorithms against established standards is essential to provide security assurance. Cryptographic Module Validation Program (CMVP) validates cryptographic modules to Federal Information Processing Standards (FIPS) 140-2 Security Requirements for Cryptographic Modules and other FIPS cryptography based standards. How effective will these new standards be in preventing cyber crime? Share your thoughts with the Cloud and Cyber Security Center.