NIAP: NIAP Home Page
NIAP/CCEVS Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 


  • General Pupose Operating Systems, Version 4.2.1 Published

     

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) has posted the General Purpose Operating System Protection Profile (GPOS PP), Version 4.2.1. This minor version has been published solely to address issues identified as a result of the evaluation of the GPOS PP, Version 4.2 . The only changes made were typographical errors related to the CC conventions for indic...

    Read More

  • Call for Participants for Software Defined Network (SDN) Controller Technical Community

     

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the development of a Protection Profile for Software Defined Network (SDN) Controller. Members of this TC are expected to provide technical input to the development of a Protection Profile for a baseline set of Security Functional Requirements (...

    Read More

  • See the NIAP First Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

    Read the report here.

  • MDM PP, Version 4.0 and MDM Agent PP-Module, Version 1.0 Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile (PP) for Mobile Device Management (MDM), Version 4.0 and PP-Module for MDM Agent Version 1.0. The MDM PP updates included Technical Decisions (TDs) resulting from prior completed evaluations, incorporation of the TLS Functional Package, the addition of an equivalency section, and cloud interoperability. The MDM Agent changes included conversion ...

    Read More

  • NIAP Endorses NDcPP v2.1

    NIAP has endorsed the Network Device collaborative Protection Profile v2.1 (NDcPP v2.1) and published the cPP and Supporting Documents to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the ND cPP that demonstrate exact conformance to the cPP, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This version succeeds Version 2.0E which will sunset effective 10 Se...

    Read More

  • See the 2018 NIAP Annual Report to learn about NIAP 2018 accomplishments and activities.  Read the report here

  • Application Software v1.3 Protection Profile Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Application Software, Version 1.3. The PP updates include Technical Decisions resulting from prior completed evaluations, incor...

    Read More

  • Functional Package for Transport Layer Security (TLS) Version 1.1 Published

     

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Functional Package for Transport Layer Security (TLS) Version 1.1. This minor version update is limited to clarifications regarding override for invalid certificates, renegotation_info extension, DTLS versions, and named Diffie-Hellman groups in DTLS contexts. Given the m...

    Read More

  • Want more news?

    Check out all the announcements online or...

    subscribe.













  Focus Areas

Industry
 
U.S. Government
 
International Partners
  Events


Site Map              Contact Us