NIAP: NIAP Home Page
NIAP/CCEVS Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 


  • Application Software v1.2 Protection Profile Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Application Software, Version 1.2. The PP includes updates based on completed evaluations as well as questions sent to the Technical Rapid Response Team. This PP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=394

  • Call for participants in the iTC for Dedicated Security Components

     

    A call for participants in the international Technical Community (iTC) to develop a collaborative Protection Profile (cPP) for Dedicated Security Components (DSC) has been posted to the Common Criteria Portal: https://www.commoncriteriaportal.org/communities/dedicated_security_components.cfm.

    Read More

  • New TD - Revision to FDP_VOP_EXT.1.1 in VoIP PP v1.3

    NIAP recently released a Technical Decision titled, Revision to FDP_VOP_EXT.1.1 in VoIP PP v1.3. It can be viewed at https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=91. If you have any questions or concerns, please email us at niap@niap-ccevs.org.

  • Call for Participants in Enterprise Session Controller Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is inviting industry, government, end users, academic institutions, and labs with relevant technology expertise and research focus to participate in the Enterprise Session Controller (ESC) Technical Community (TC). The ESC Extended Package (EP) is expected to become an EP to the Network Device Collaborative Protection Profile (ND cPP) and will replace the SIP S...

    Read More

  • The NIAP 1st Quarter Progress report reveals greater activity for NIAP scheme participants and partners than in 2015.

    Read More

  • RNG Transitions and the PCL

    Effective January 2016, the random number/bit generators specified in ANSI X9.31 and DUAL_EC_DRBG are disallowed for the US government. NIST provided notice ...

    Read More

  • Candidate iTC for Application Software

    The CCDB Application Software Working Group has completed the Essential Security Requirements for Application Software. Information on how to join the candid...

    Read More

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is inviting industry, government, end users, academic institutions, and labs with relevant technology expertise and research focus to participate in the Voice and Video over IP (vVoIP) Technical Community (TC) and/or the Enterprise Session Controller (ESC) TC.  If you are interested in joining either technical community and participating in the development of a Protection Profile for these technologi...

    Read More

  •  

     

     

    NIAP has released the 2015 Progress Report that documents significant accomplishments in all NIAP mission areas under the new evaluation scheme.

     

    See the Report.

     

     

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Extended Package for Secure Shell (SSH). The SSH EP has been developed to extend the Protection Profiles for Application Software (AppPP), General-Purpose
    Operating Systems (GPOSPP), or Mobile Device Management (MDM).

    This EP serves to extend the PP baselines with additional SFRs and associated Assurance Activities specific to SSH clients and servers. It i...

    Read More

  • Wireless LAN Client Extended Package Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Wireless LAN Client Extended Package. The WLAN Client EP has been updated as an EP to either the General Purpose Operating System (OSPP) or the Mobile Device Fundamentals PP (MDF PP).


    This EP extends the OS PP when the WLAN client is installed on an operating system that is evaluated against that PP. This EP extends the MDF PP when the WLAN client is inst...

    Read More

  • Call for Participants in WIDS Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is inviting industry, government, end users, academic institutions, and labs with relevant technology expertise and research focus to participate in the Wireless Intrusion Detection System (WIDS) Technical Community (TC).  If you are interested in joining the technical community and participating in the development of a Protection Profile for this technology, contact NIAP/CCEVS at:
     
    t...

    Read More

  • Want more news?

    Check out all the announcements online or...

    subscribe.













  Focus Areas

Industry
 
U.S. Government
 
International Partners
  Events


Site Map              Contact Us