Common Criteria For Security

Author: · September 2, 2009 · Filed Under Thoughts  - 0 Comment(s)

SEER estimates the costs of the various levels of the common criteria (Common criteria for Information Technology Security Evaluation [CC])  first requested and supported by the MOD in the UK and more widely used today.  It is obvious how common criteria is appropriate for sophisticated systems.  But today I was looking at a brochure for a new copier… A NEW COPIER!!! and in the brochure was a huge writeup on how the copier “currently holds the highest MFP Data Security Kit validation in the industry.”

From Wikipedia:

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1.[1]

Common Criteria is a framework in which computer system users can specify their security requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner.

Thank you for reading “Dan on Estimating”, if you would like more information about Galorath’s estimation models, please visit our contact page, call us at +1 310 414-3222 or click a button below to ask sales questions, sign up for our free library or schedule a demo.


Leave a Reply

You must be logged in to post a comment.