NIAP and COTS Product Evaluations - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Information Assurance Menus

Information Assurance Menu

Information Assurance About IA at NSA Partners Rowlett Awards Award Recipients Background Nomination Procedures Links IA Client and Partner Support IA News IA Events IA Mitigation Guidance Media Destruction Guidance Security Configuration Guides Applications Archived Guides Cisco Router Guides Database Servers Fact Sheets Industrial Control Systems (ICS) IPv6 Operating Systems Supporting Documents Switches VoIP and IP Telephony Vulnerability Technical Reports Wireless System Level IA Guidance TEMPEST Overview TEMPEST Products: Level I Certified Confirmed Deficiencies Suspended Terminated No Longer Produced TEMPEST Products: Level II Certified Confirmed Deficiencies Suspended Terminated No Longer Produced TEMPEST Company POCs Certified Suspended Terminated Trusted Computing IA Academic Outreach National Centers of Academic Excellence in IA Education CAE/IAE Program Criteria CAE-R Program Criteria Colloquium Institutions SEAL Program Applying FAQs IA Courseware Evaluation Program Institutions FAQs Student Opportunities IA Business and Research IA Business Affairs Office Certified Product Sales and Support Commercial COMSEC Evaluation Program Commercial Satellite Protection Program Independent Research and Development Program User Partnership Program Partnerships with Industry NIAP and COTS Product Evaluations IA Programs Commercial Solutions for Classified Program Global Information Grid High Assurance Platform HAP Technology Overview HAP Technology Partner Program HAP Resource Library Inline Media Encryptor Suite B Cryptography NSA Mobility Program IA Careers Contact Information	Skip Search Box Searchbox NIAP and COTS Product Evaluations NSA manages the National Information Assurance Partnership (NIAP), a U.S. Government program originated to meet the security testing needs of both consumers and producers of information technology (IT). Through the NIAP's Common Criteria Evaluation and Validation Scheme (CCEVS), approved Common Criteria Testing Laboratories (CCTLs) evaluate Commercial Off-The-Shelf Products. The CCEVS Validation Body: Provides technical guidance to CCTLs Validates the results of IT security evaluations for conformance to the International Common Criteria for IT Security Evaluation, and Serves as an interface to other nations for the recognition of such evaluations. The CCEVS Validation Body also maintains lists of IT products and Protection Profiles: NIAP Validated Products, those completed under the CCEVS Products and Protection Profiles In Evaluation, those in progress Certified Products List, those completed under the Schemes of authorized signatures to the Arrangement on the Mutual Recognition of Common Criteria Certificates in the Field of IT Security. U.S. Government Protection Profile for Separation Kernel in Environments Requiring High Robustness, Version 1.03 (SKPP) - NSA/IAD's efforts to support existing SKPP evaluations have revealed a number of difficulties in the areas of assurance maintenance, scalability, cost and complexity when applied to complex commodity platforms. Please go to the links below for detailed explanation of the reason for sunsetting. The NSA/IA Director has approved the sunsetting of the SKPP based on the extensive research and documentation by the IAD Vulnerability Analysis and operations organization. The following three documents provide the reasoning for this decision: Email sent to affected commercial partners (http://www.niap-ccevs.org/announcements/SKPP%20Email%20to%20Vendors.pdf) "Separation Kernels on Commodity Workstations" (http://www.niap-ccevs.org/announcements/Separation%20Kernels%20on%20Commodity%20Workstations.pdf) "SKPP Sunset Q&A" (http://www.niap-ccevs.org/announcements/SKPP%20Sunset%20Q&A.pdf)
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom