NIAP: NIAP Home Page
NIAP/CCEVS Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 


  • Call for Participants in Virtual Private Network (VPN) Client and VPN Gateway Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the VPN Client and VPN Gateway (GW) PP-Modules.  Members of this TC are expected to provide technical input to update the Modules to incorporate two-factor authentication.

    Please note: If you are already a member of this Technical Community, there is no need to re-...

    Read More

  •  

    The NIAP CCEVS Policy #5 Frequently Asked Questions (FAQ) and Certificate Reporting Template (CRT)  have been updated and published to the NIAP website. These documents provide clarification and guidance of how NIST's algorithm and module validations are determined to be acceptable evidence for meeting some PP/cPP assurance act...

    Read More

  • Virtualization Protection Profile v1.1 and PP-Modules for Client and Sever Virtualization v1.1 Published!

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Virtualization Protection Profile, Version 1.1 (VIRTUALIZATION PP), PP-Module for Client Virtualization, Version 1.1 (CV PP-Module), and PP...

    Read More

  • Call for Participants in Wireless Local Area Network (WLAN) Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Wireless LAN Access System (WLAN AS) and Wireless LAN Client (WLAN Client) PP-Modules V1.0. ...

    Read More

  • Call for Participants for Transport Layer Security (TLS) Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Functional Package for Transport Layer Security (TLS).  Members of this TC are expected to provide technical input to update the Package to include requirements for TLS v1.3 and deprecate support for v...

    Read More

  • PP-Module for Intrusion Prevention Systems (IPS) Published!

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for Intrusion Prevention Systems (IPS), Version 1.0. 

    Changes were limited to converting the IPS Extended Package to PP-M...

    Read More

  • See the NIAP First Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases. 

    Read the report here.

     

  • Functional Package for Secure Shell (SSH), Version 1.0 Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Functional Package for Secure Shell (SSH), Version 1.0. NIAP converted the SSH Extended Package (EP) to a Functional Package (FP) for easier use with PPs and PP-Modules and updated the SFRs/EAs to match current best practices with respect to the SSH protocol. Notable change...

    Read More

  • Want more news?

    Check out all the announcements online or...

    subscribe.













  Focus Areas

Industry
 
U.S. Government
 
International Partners
  Events


Site Map              Contact Us