atsec

The information security provider.
homesitemapblog
  • Services
  • Company
  • News & Events
  • Resources
  • Contact
Deutsch | 汉语

Product Evaluation
and Testing
Common Criteria (ISO/IEC 15408)
FIPS 140-2
Cryptographic Algorithm Testing
SCAP
NPIVP Testing
Biometrics Testing
GSA PIV Evaluation (FIPS 201)

Compliance and Audit
ISO/IEC 27001
SOX and Euro-SOX
FISMA Certification Support
HIPAA and HITECH
NASPO

Consulting and Training
VTDR for GSA FIPS 201
Embedded Systems
Hardware Security Testing and Analysis
Penetration Testing
PCI Consulting
US Export Control for Cryptography
Training

 back to the list of services
 

Common Criteria

What atsec offers

atsec has extensive experience with Common Criteria projects. Please take a look at our list of successful evaluations.

Only a limited number of laboratories worldwide are officially accredited and licensed to perform evaluations based on the Common Criteria. atsec offers a full range of services to meet your needs in planning and pursuing Common Criteria evaluation:

  • Readiness assessment to help you estimate the level of effort that will required to successfully evaluate the security functions of your product.
  • Conformance evaluation resulting in a certificate issued by one of the following:
    • U.S. National Information Assurance Partnership's (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS),
    • German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI).
    • Swedish CC scheme, Sveriges Certifieringsorgan för IT-säkerhet (CSEC) operated by FMV.
  • Consulting services include:
    • production of a Security Target
    • discovery or production of evidence to support the evaluation project
    • production of a Protection Profile
  • Protection Profile evaluation
  • Education and training for your staff to optimize your efforts in pursuing Common Criteria certification
  • Migration assistance to Common Criteria version 3.1

Why our services are important to you

The evaluation of technical components and products against internationally-accepted, standardized criteria allows companies to objectively demonstrate the reliability of its security functionality.

The Common Criteria (CC) and the internationally-recognized ISO standard (ISO15408) is used by governments and other organizations to assess security and assurance of information technology products. The CC standard provides a uniform way of expressing security requirements and defines a set of rigorous criteria by which a product's security aspects (for example, development environment, security functionality, and handling of security vulnerabilities) can be meaningfully evaluated.

For more information

Please refer to our resource pages.

 

(c) 2012 atsec information security | Legal Notice | Data Protection Notice | Environmental Policy | Security Policy |  atsec IT security blog atsec on facebook atsec on twitter atsec on LinkedIn atsec on digg.com