The Common Criteria (CC) certification framework defines a widely recognized, multi-domain certification scheme that aims to provide security assurances about IT products to consumers. However, the CC scheme does not prescribe a monitoring scheme for the CC practice, raising concerns about the quality of the security assurance provided by the certification and questions on its usefulness. In this paper, we present a critical analysis of the CC practice that concretely exposes the limitations of current approaches. We also provide directions to improve the CC practice
It is a common belief that the rise of standardized software certification schemes like the Common C...
This document presents a technical analysis of available assurance techniques proposed by the Common...
Common Criteria Arrangement The IT product identified in this certificate has been evaluated at an a...
The Common Criteria (CC) certification framework defines a widely recognized, multi-domain certifica...
Over the last few years, private and public organizations have suffered an increasing number of cybe...
Information security has become a key concern for organizations conducting business in the current e...
Abstract: In 2012 the two open source projects CESeCore and EJBCA were Common Criteria certified [CC...
assessment was the Certification Report, the Security Target and the Evaluation Technical Report of...
The IT product identified in this certificate has been evaluated at an accredited and licensed/ appr...
It is a common belief that the rise of standardized software certification schemes like the Common C...
The Information Technology (IT) product identified in this certification report, and its associated ...
Advances of emerging Information and Communications Technology (ICT) technologies push the boundarie...
Common Criteria is a scheme that minimize IT products’s vulnerabilities in accordance with the evalu...
assessment was the Certification Report, the Security Target and the Evaluation Technical Report of...
The Certification Body of the UK IT Security Evaluation and Certification Scheme is a member of the ...
It is a common belief that the rise of standardized software certification schemes like the Common C...
This document presents a technical analysis of available assurance techniques proposed by the Common...
Common Criteria Arrangement The IT product identified in this certificate has been evaluated at an a...
The Common Criteria (CC) certification framework defines a widely recognized, multi-domain certifica...
Over the last few years, private and public organizations have suffered an increasing number of cybe...
Information security has become a key concern for organizations conducting business in the current e...
Abstract: In 2012 the two open source projects CESeCore and EJBCA were Common Criteria certified [CC...
assessment was the Certification Report, the Security Target and the Evaluation Technical Report of...
The IT product identified in this certificate has been evaluated at an accredited and licensed/ appr...
It is a common belief that the rise of standardized software certification schemes like the Common C...
The Information Technology (IT) product identified in this certification report, and its associated ...
Advances of emerging Information and Communications Technology (ICT) technologies push the boundarie...
Common Criteria is a scheme that minimize IT products’s vulnerabilities in accordance with the evalu...
assessment was the Certification Report, the Security Target and the Evaluation Technical Report of...
The Certification Body of the UK IT Security Evaluation and Certification Scheme is a member of the ...
It is a common belief that the rise of standardized software certification schemes like the Common C...
This document presents a technical analysis of available assurance techniques proposed by the Common...
Common Criteria Arrangement The IT product identified in this certificate has been evaluated at an a...