15th ICCC Conference 2014
Needs of ICCC Conference The Common Criteria defines a common framework for defining and evaluating information technology security systems and IT products. The framework provided by the International Common Criteria allows government agencies and other groups to define sets of specific functional and documentation assurance requirements they expect the product to meet user requirement to keep in highly secured. The Common Criteria also provides evaluation laboratories with procedures for the evaluation of products or systems against the specified requirements.
15th Common Criteria Conference in India
An extremely comprehensive program arranged by government of India in 2014, the Common Criteria comprise that is made up of many parts. For example, the Mutual Recognition Arrangement (MRA) is an informal agreement among countries that accepts the results of each other's security testing and evaluations. The U.S. signatories, NSA
and NIST, working jointly for the National Information Assurance Partnership (NIAP) have developed an informal standard called the Common Criteria Evaluation and Validation Scheme (CCEVS). CCEVS summarizes all the standards used by the U.S. in order to conform to the Common Criteria. The Common Criteria comprise an extremely comprehensive program that is made up of many parts. For example, the Mutual Recognition Arrangement (MRA) is an informal agreement among countries that accepts the results of each other's security testing and evaluations. The U.S. signatories, NSA and NIST, working jointly for the National Information Assurance Partnership (NIAP) have developed an informal standard called the Common Criteria Evaluation and Validation Scheme (CCEVS). CCEVS summarizes all the standards used by the U.S. in order to conform to the Common Criteria.
ICCC Protection Profile of IT products: A Protection Profile (PP) is a type of written document for a particular group of IT products ie VPN, firewall, remote access etc. A Protection Profile contains a set of Functional and Assurance requirements for a product or system written to be implementation independent. The product categories that published Protection Profiles presently include the following: • • • • • • •
Switches and routers VPNs Operating systems Tokens Certificate management Databases Role-based authentication
• • • • • • •
Firewalls Remote access Biometrics Smart cards Key recovery IDS
For more contact us Dhawal Gupta STQC Directorate Department of Electronics and IT Ministry of Communications & IT, Electronics Niketan, 6 CGO Complex, New Delhi -110003 Email : contact@15icccindia.com