|
Home / Computers
Common Criteria
By:Robert Elam
Windows 2000 was awarded the Common Criteria Certificate. This is the first Microsoft Operating System to receive such a prestigious certification putting it on the same level as SecureOS Solaris Unix, both built on an operating system that has been around for over thirty years. This document will explain what the Common Criteria Certificate is, how a vendor achieves it and why a vendor would want it.
Common Criteria is based on the idea of a sound way of evaluating the security of an operating system. Common Criteria has evolved over the years. Security evaluation criteria goes back to the ‘70’s. The first standard for this criteria was published in the United States Trusted Computer Systems Evaluation Criteria (TCSEC), the “Orange Book.” It was published in 1985 by the National Security Agency. Europe came up with similar standards in an effort to create an international standard called Information Technology Security Evaluation and Certification (ITSEC) in 1991. This led to the CC Editorial Board (CCEB) which was formed establishing globally recognized standards for security evaluation (dinopolis). Each country has its own organization that enforces and advertises these international standards. In the United States, both the NSA and the National Institute of Standards and Technology meet the security and testing needs of Information Technology producers and consumers. They do this through a joint program called the National Information Assurance Partnership (NIAP). The responsibilities of these organization are outlined in the Computer Security Act of 1987 (epic).
In order for a vendor to be awarded the Common Criteria Certification it must pass all required tests for a security certification accepted in 15 countries. There are three parts to the CC: 1) Introduction and general model, is the introduction to the CC. It defines general concepts and principles of IT security evaluation and presents a general model of evaluation. 2) Security functional requirements, establishes a set of security functional components as a standard way of requirements for Targets of Evaluation (TOEs). 3) Security assurance requirements, establishes a set of assurance components as a standard way of expressing the assurance requirements for TOEs (CRYPTIC).
Common Criteria is essential particularly in these times of heightened Information security awareness. The CC Certification is verification that the operating system has met a specific level of security. Consumers are more likely to purchase an operating system that is internationally accredited than one with just a good reputation.
This certification took Microsoft three years and millions of dollars to attain. Very few companies have the time, money and resources to reach this level security. According to Microsoft they obtained the Common Criteria “because its evaluation and certification process helps consumers make informed security decisions (Microsoft).”
Works Cited
Dinopolis. Common Criteria History. 11 May 2001. http://www.dinopolis.org/documentation/misc/theses/hhaub/node78.html
NIAP. Common Criteria Evaluation Verification Scheme.
http://niap.nist.gov/
Electronic Privacy Center. Computer Security Act of 1987. http://www.epic.org/crypto/csa/
Microsoft. Windows 2000 achieves the Common Criteria Certificate. 29 Oct 2002.
http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/cccert.asp#top
Radium. The Rainbow Series Library. 28 June 2000.
http://www.radium.ncsc.mil/tpep/library/rainbow/
Digg
del.icio.us
Blink
Stumble
Spurl
Reddit
Netscape
Furl
Article Source: http://www.articles2k.com
Rob Elam has authors the eLamb ★ Computer security blog at http://elamb.org. He has been doing security for the Department of the Defence for 10 years and is currently a System Security Engineer in Colorado.
|
|
| Top Computers Articles |
- 1). The danger behind peer-to-peer file sharing By : Migz Mon
File sharing is very common nowadays. You can get a P2P (peer-to-peer) program for free, and soon start sharing stuff like music, videos and programs. We use these applications freely and most of us don’t know the risks involved when using them.
Questionable reliability of files – Once we get our hands on a P2P program, we download everything we want like crazy.
|
|
|
|
|
- 4). Is The Internet Censored? By : J Schipper
When most people think about Internet censorship, the usual suspects immediately come to mind : Communist China and repressive Islamic countries. Unfortunately, Westerners have an embarrassment all their own : Australia's net censorship law, established in 2000.
Freedom House, a non-profit U.S. organization dedicated to spreading human rights and freedom, undertakes regular surveys on press freedom and censorship.
|
- 5). Toshiba Libertto U100, smaller yet better than you might imagine! By : john
Have you ever wondered how small a laptop can be? Well, utilizing today’s technology Toshiba does a perfect job at demonstrating it; the Libertto U100 is one of the very few laptops that have such a rich feature set fitted altogether within such a small space. Of course, if you believe that a fingerprint authentication system is too much for such a.
|
- 6). Does CCTV Really Reduce Crime? By : Robert Michael
In the UK, home of twenty percent of the world's CCTV cameras, there is mounting concern about its invasion and lack of regulation. "UK Public CCTV Surveillance Regulation Campaign."
The thought-provoking questions they ask are good ones.
They want to know, for instance, why, if television programming and licensing is so heavily regulated in the UK.
|
|
|
- 8). Preparation Tips For Comptia A+ Certification By :
The Industry Standard CompTIA A Plus Certification exam has two parts; approximately 80 questions for each part.
* Core Hardware: $153 - min. passing score 515
* Operating Systems Technology: $153 - min. passing score 505
(CompTIA corporate members can take the exams for $98, employers that require this test are usually corporate members and will inform you of this.
|
- 9). Can Cell Phones Harm Your Health? By : D Ruplinger
It seems like everywhere a person goes there is at least one person in view with a cell phone to their ear whether it is on the road, in a store, in a parking lot, walking down the street, etc. Even in places where cell phone usage is banned such as concert halls or movie theaters there is the occasional offender, or more likely, at least a few people using the text messaging feature on their phone.
|
|
|
| New Computers Articles |
|
|
|
|
|
|
|
|
- 5). If You Want Flexibility And Portability Consider A Laptop By : Gregg Hall
If you are one of those who works with a computer on a daily basis like me you should consider a laptop. I have actually owned three now and I think I would be lost without mine. I still use my desktop PC quite a bit at home but the laptop comes in extremely handy when I am away.
|
|
|
- 7). Becoming A DVD Repair Expert Online By : Maxine Schel
Many conventional colleges and universities are now offering online DVD repair courses, which are the exact same as those taught on a traditional college campus, to distance learners. Online education is generally taught through the use of several different methods, including online satellite feeds, correspondence or online lessons. This technique permits the student to obtain a DVD repair degree without ever having to step inside of a classroom.
|
- 8). Compatible Inkjet Cartridge By : Isabel Rodrigues
Once the printer ink runs dry it has to be replaced with another inkjet cartridge. There are many reputed companies like Canon, Epson, Dell, and Lexmark that provide the necessary cartridges to replace the empty cartridges. Replacing inkjet cartridge can add to a very big cost. It could be worse if you have to replace the empty cartridges frequently every month.
|
- 9). Best Passwords By : Richard Romando
No sane person would ever like someone else reading her email. Or for that matter some other person using her password and breaking into a financial institution. You should, therefore, choose a strong, secure password in such a manner that would be a hard nut to crack for others and easy for you to remember. The more random and mixed-up you make it, the harder it is for others to crack.
|
- 10). Home Printing Machines By : Peter Vermeeren
Home printing machines are available on the market today in many sizes, prices and capabilities. Many different forms of printing can be accomplished in the home. Whether you want to create unique tee-shirts using a home screen printing machine or you want to produce elegant laser printed letters, the equipment is readily available to you for home use.
|
|
|
