An assessment of the role of the common criteria in the international mutual recognition of trusted information system evaluations
This research study documents the twelve-year evolution of diverse international criteria for evaluating trusted information systems. The study explains what trusted information systems are, why they are needed, and how their security functionality and assurance are expressed and measured. The research traces the development of the U.S., European, Canadian, and Japanese criteria for evaluating trusted information systems, and addresses the effort to replace the existing U.S. criteria. The study examines the need for mutual recognition of trusted information system evaluations by looking at the evaluation processes and the rating schemes in the U.S., Europe, and Canada. It further discusses the consequences of diverse international criteria and shows how the lack of mutual recognition of evaluations is causing significant problems for those whom the criteria were initially developed to help, such as computer vendors, allied nations and user organizations, systems integrators, and evaluators. The study looks at the attempts by the North Atlantic Treaty Organization (NATO) and the International Standards Organization (ISO) to harmonize the national and multinational criteria. It also reviews the current international harmonization effort by the Common Criteria Editorial Board (CCEB). The research study demonstrates the thesis that there are three integral parts of the formula to achieve the goal of international mutual recognition of trusted information system evaluations, and that all three parts need to be achieved in parallel.
To that end, this research shows that the joint effort by the governments of the United States and Canada, together with the Commission of the European Communities, to produce a harmonized set of common international criteria for developing and evaluating trusted information systems is necessary but insufficient, because additional international standards for a common evaluation process and for a set of common evaluator qualifications are also needed. (Abstract shortened by UMI.)