Advertisement

Common Criteria: Origins and Overview

  • John Tierney
  • Tony BoswellEmail author
Chapter

Abstract

This chapter will consider how the Common Criteria for Information Technology Security Evaluation evolved, how they are defined and how they are used in practice. As an example we will look at how Common Criteria is applied to smart card evaluations. This chapter will not attempt to describe the full detail of Common Criteria, but will explore the scope of the criteria, the infrastructure that supports their use, and how protection Profiles and Security Targets are created to act as baselines for evaluations. As such it acts as an introduction to the use of Common Criteria, on which a reader can base further reading and practice in order to apply Common Criteria to real-world situations.

Keywords

Smart card Common Criteria Security evaluation 

References

  1. 1.
    Common Criteria for Information Technology Security Evaluation - Part 1: Introduction and general model, Version 3.1 Revision 4, September 2012, CCMB-2012-09-001 (available from the ‘Publications’ section at www.commoncriteriaportal.org)
  2. 2.
    Common Criteria for Information Technology Security Evaluation - Part 2: Security functional components, Version 3.1 Revision 4, September 2012, CCMB-2012-09-002 (available from the ‘Publications’ section at www.commoncriteriaportal.org)
  3. 3.
    Common Criteria for Information Technology Security Evaluation - Part 3 Security assurance components, Version 3.1 Revision 4, September 2012, CCMB-2012-09-003 (available from the ‘Publications’ section at www.commoncriteriaportal.org)
  4. 4.
    Common Methodology for Information Technology Security Evaluation - Evaluation methodology, Version 3.1 Revision 4, September 2012, CCMB-2012-09-004 (available from the ‘Publications’ section at www.commoncriteriaportal.org)
  5. 5.
    Arrangement on the Recognition of Common Criteria Certificates In the field of Information Technology Security, 2 July 2014 (available from the ‘About the CC’ section at www.commoncriteriaportal.org)
  6. 6.
    Application of Attack Potential to Smartcards, v2.9, May 2013, CCDB-2013-05-002 (available from the ‘Publications’ section at www.commoncriteriaportal.org)
  7. 7.
    Security IC Platform Protection Profile, version 1.0, 15 June 2007, BSI-PP-0035 (available from the ‘Protection Profiles’ section at www.commoncriteriaportal.org)
  8. 8.
    Composite Product Evaluation for Smart Cards and Similar Devices, v1.2, April 2012, CCDB-2012-04-001 (available from the ‘Publications’ section at www.commoncriteriaportal.org)

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.MasterCardNew YorkUSA
  2. 2.DNV GLCambridgeUK

Personalised recommendations