accesskey _ mod _ content

26 countries have ratified the revision of the settlement on the recognition of certificates of Common Criteria in the field of information technology security.

10 september 2014

Common Criteria logo

El objetivo último de la revisión es facilitar que los resultados de la evaluación de los productos de seguridad de las tecnologías de la información sean razonables, comparables, reproducibles y eficientes.

La revisión del Arreglo sobre el Reconocimiento de los Certificados de Criterios Comunes en el campo de la Seguridad de la Tecnología de la Información (conocido como CCRA) ratificada por los 26 países miembros del mismo, incluyendo a España, y cuyo texto se puede consultar en el siguiente enlace http://www.commoncriteriaportal.org/files/CCRA%20-%20July%202,% 202014% 20-% 20Ratified% 20September% 208% 202014.pdf (Opens in new window) , was published on 8 september 2014.

On the part of spain has made a joint signing between the centre Cryptologic, national and the state secretariat for Public administrations.

Esta revisión del Arreglo es el resultado de los trabajos realizados durante los años 2013 y 2014 para producir una nueva versión actualizada acorde a la evolución desde la firma del primer Arreglo el 23 de mayo de 2000.

The Agreement specifies the required profile of common criteria Certificates, certification bodies and Evaluation of the security of information technologies. Other developments have included better collaboration público-privada through the establishment of so-called international technical communities (international Technical Communities (iTCs)) and the definition of functional requirements of security through the profiles of collaborative protection (collaborative Protection Profiles (cPPs)) applicable to products such as USB devices, firewall, cifradores of cds, etc.

Certificates are issued by the security certification bodies, in spain The certification body of the national assessment and certification of the it security (Opens in new window)

The arrangement has interest to the National security (Royal Decree 3/2010, on 8 january) that, in connection with the acquisition of products, provides for:

  • assess positively the certification of security in the acquisition of products on the part of the public authorities (item 18.1)
  • recognizes the role of the national certification body (item 18 (3))
  • shows how the use of products whose security may be certified contributes to the satisfaction of safety requirements so provided in the security measures for the adequate protection of information (Annex II)
  • e includes model clause to the technical requirements (RD 3/2010, annex V).

Original source of news (Opens in new window)

  • Security
Subscribe to the youtube channel of OBSAE
 
Subscribe to the youtube channel of OBSAE