Download presentation
Presentation is loading. Please wait.
Published byColin French Modified over 9 years ago
1
Common Criteria Recognition Arrangement 8 th ICCC Rome, 25 th September 2007 Report by the MC Chairman Gen. Luigi Palagiano
2
Rome, 25 september 2007 1 The diffusion of IT systems and networks empowers the international and national exchange of information But, at the same time …. The growing connectivity among secure and insecure networks creates new opportunities for unauthorized intrusions into sensitive networks and computer systems. Introduction
3
Rome, 25 september 2007 2 Terrorists, drugs trafficker and criminal organisations will take advantage of the new high speed information technologies supporting their illegal activities
4
Rome, 25 september 2007 3 The complexity of systems and computer networks is growing faster than the ability to understand and protect them by identifying critical nodes, verifying security, and monitoring activity and intrusion attempts. System & Network complexity
5
Rome, 25 september 2007 4 1.Capture data related to industrial, military or national security; 2.Destroy or control information systems which are for critical infrastructures (for example: airports) 3.Information alteration Systems / Networks Threats
6
Rome, 25 september 2007 5 Security can be defined as: “Getting rid of any unacceptable risk". The risks relate the following categories of losses: Confidentiality of Information Integrity of Data and system related assets Availability of Data and Service Definition of IT Security
7
Rome, 25 september 2007 6 Assurance that information is shared only among authorized persons or organisations. Assurance that information is shared only among authorized persons or organisations. Breaches of Confidentiality can occur when data is not handled in a manner adequate to safeguard the confidentiality of the information concerned. Breaches of Confidentiality can occur when data is not handled in a manner adequate to safeguard the confidentiality of the information concerned. Confidentiality
8
Rome, 25 september 2007 7 Assurance that the information is authentic and complete. Ensuring that information can be relied upon to be sufficiently accurate for its purpose. Assuring information will not be accidentally or maliciously altered or destroyed. Integrity
9
Rome, 25 september 2007 8 Ensuring that information and service is available to authorized users, when needed. Availability
10
9 Rome, 25 september 2007 History of Common Criteria TCSEC (USA) 1983 - 1985 Canada, first initiative 1989 - 1993 NIST - MSFR 1990 Federal Criteria 1992 Common Criteria Project, 1993 Common Criteria ver. 1.0, 1996 Common Criteria ver. 2.0, 1998 ISO 15408 08/06/1999 CTCPEC 3 1993 National and Regional European Initiatives, 1989 – 1993 ISO Initiatives 1992 ITSEC 1992
11
Rome, 25 september 2007 10 8th June 1999 CC is approved as International Standard ISO 15408 History of Common Criteria
12
Rome, 25 september 2oo7 11 Nations taking part to the Common Criteria Recognition Arrangement AustraliaCanada GermanyGreece FinlandFrance IsraelItaly NetherlandsNew ZealandNorway SpainU.S.A.United Kingdom
13
Common Criteria participant Nations Australia, Canada, Finland, France, Germany, Greece, Israel, Italy, Netherland, New Zealand, Norway, Great Britain, Spain, U.S.A. Austria, Sweden Hungary, Turkey Czech Republic, Japan India, Singapore Korea, Denmark Malaysia 2000200220032004200520062007 Year (14) (2) (1) Participant nations Rome, 25 september 2007 12
14
Variations during 2007 year New Entrant –Malaysia Status change –Sweden –Singapore Interested in adhesion to CCRA –Tunisia –Belgium 13 Rome, 25 september 2007
15
How are Countries divided ? Certificate Authorizing Participants –Australia - New Zealand, Canada, France, Germany, Japan, Korea, Netherland, Norway, Spain, Sweden (*), UK, USA. Certificate Consuming Participants –Austria, Czech Republic, Denmark, Finland, Greece, Hungary, Israel, Italy, India, Malaysia, Singapore, Turkey. (*) shadow certification in progress 14 Rome, 25 september 2007
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.