<
 
 
 
 
×
>
hide
You are viewing a Web site, archived on 15:40:46 Oct 21, 2004. It is now a Federal record managed by the National Archives and Records Administration.
External links, forms, and search boxes may not function within this collection.
go to NIST home page go to CSRC home page go to Focus Areas page go to Publications page go to Advisories page go to Events page go to Site Map page go to ITL home page CSRC home page link
header image with links

CC Logo

 
CC HOME
 
CC V2.1
 
CEM V1.0
 
Guidance on using CC
 
Protection Profiles (PPs)
 
CCEVS Evaluation
Precedence Database

 
NIAP Interpretations
 
International
Interpretations

 

CSRC Homepage
 

  Common  Criteria  for  IT  Security  Evaluation

Common Language to Express Common Needs
 

By using the navigation bar to the left, you will find information about the Common Criteria for IT Security Evaluation (CC), the Common Evaluation Methodology (CEM), and their use.

Common Criteria Background:

In June 1993, the sponsoring organizations of the existing US, Canadian, and European criterias started the CC Project to align their separate criteria into a single set of IT security criteria. Version 1.0 of the CC was completed in January 1996. Based on a number of trial evaluations and an extensive public review, Version 1.0 was extensively revised and CC Version 2.0 was produced in April of 1998.  This became ISO International Standard 15408 in 1999.  The CC Project subsequently incorporated the minor changes that had resulted in the ISO process, producing CC version 2.1 in August 1999.

Today the international community has embraced the CC through the Common Criteria Recognition Arrangement (CCRA) whereby the signers have agreed to accept the results of CC evaluations performed by other CCRA members.

The Common Criteria Project is represented on the web at www.CommonCriteriaPortal.org


Common Criteria in the United States:

The US is represented within the CC Project by the National Information Assurance Partnership (NIAP), a joint NIST and National Security Agency (NSA) project.  NIAP, in turn, has established the Common Criteria Evaluation and Validation Scheme (CCEVS) to implement the CCRA compliant evaluation scheme within the US.


 


Last updated: July 28, 2004
Page created: November 12, 2002

Disclaimer Notice & Privacy Statement / Security Notice
Comments and suggestions should go to: webmaster-csrc@nist.gov
NIST is an Agency of the U.S. Commerce Department's
Technology Administration