NIAP: NIAP CCEVS Announcements
NIAP/CCEVS
  NIAP  »»  Announcements  »»  NIAP Announcements  
NIAP Announcements

  Call for Participants for SSL/TLS Inspection Technical Community (08 February 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a technical community for the development of a protection profile for TLS Inspection products. Members of this TC are expected to provide technical input to the development of Protection Profile for products that provide a TLS inspection capability.

All interested parties should contact NIAP/CCEVS at tc-tlsi-staff@niap-ccevs.org, providing the information listed below for each potential participant: 

 

Name 

 

Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)  

 

Telephone number 

 

Email address 

 

A brief statement of the qualifications for participation in the TC

 

 

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann176

  NIAP 2016 Report (19 January 2017)

NIAP has released the progress report for 2016 that documents significant accomplishments and looks further ahead into 2017.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann175

  Mobile Device Management Protection Profile v3.0 and Mobile Device Management Agents Extended Package v3.0 Published (07 December 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Mobile Device Management, Version 3.0 (MDM PP v3.0) and MDM Agents Extended Package, Version 3.0 (MDM Agent EP v3.0). This PP/EP includes updates based on questions sent to the Technical Rapid Response Team, clarification to many requirements and assurance activities, and adding SFRs to support Bring Your Own Device (BYOD) Use Case. This PP/EP can be found here:  https://www.niap-ccevs.org/Profile/PP.cfm      

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann174

  Updated DoD Annexes for MDM PP and MDM Agent PP v2.0 (29 November 2016)

An updated version of the DoD Annex for the Mobile Device Management Protection Profile (MDM PP) v2.0 and MDM Agent PP v2.0 has been published to the NIAP Protection Profile website.  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.     

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann173

Previous Announcements

  NIAP Policy #5, Policy #5 Frequently Asked Questions, and CAVP Mapping Document (21 November 2016)

NIAP CCEVS Policy #5: "Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) to NIAP’s Common Criteria Evaluation and Validation Scheme (CCEVS)" and "Frequently Asked Questions for NIAP Policy #5" have been updated and published to the NIAP website. In addition, an accompanying CAVP Mapping Document has been published. Policy #5, Policy #5 FAQ, and the CAVP mapping document provide clarification and guidance of how NIST's  algorithm  and module validations are determined to be acceptable as evidence for meeting some PP/cPP assurance activities.

The documents can be  found here:  https://www.niap-ccevs.org/Documents_and_Guidance/policy.cfm

If you have any questions or concerns, please contact us at 410-854-4458 or by email niap@niap-ccevs.org.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann171

  Enterprise Session Controller Extended Package (ESC EP) Version 1.0 Published (04 November 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Enterprise Session Controller Extended Package (ESC EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP). This EP describes the security functionality of a telecommunication switch where its primary function is to set up, process, and terminate voice & video calls over an enterprise-wide Internet Protocol (IP) network. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=396        

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann169

  MDF PP DoD Annexes Published (25 October 2016)

NIAP is pleased to announce that the DoD Annex for Mobile Device Fundamentals Protection Profile (MDF PP) v3.0 has been published to the NIAP Protection Profile website.  An updated version of the DoD Annex for MDF PP v2.0 has also been published .  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.           

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann167

  Voice/Video over IP Extended Package Version 1.0 Published (11 October 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Voice/Video over IP  Extended Package (VVoIP EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP) and Software Application Protection Provile (APP PP). This EP  describes the security functionality of a VVoIP endpoint.  The most notable additions are requirements for the call control protocol and streaming media protocol. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=399     

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann166

  Wireless Intrusion Detection/Prevention Extended Package (WIDS/WIPS EP), Version 1.0 Published (07 October 2016)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Wireless Intrusion Detection/Prevention Extended Package (WIDS/WIPS EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP). This EP is for products that provide network security administrators with the ability to monitor, collect, log, and react in real-time to potentially malicious network traffic. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=395.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann164

  Session Border Controller Extended Package Version 1.1 Published (03 October 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Session Border Controller Extended Package (SBC EP), Version 1.1, to the Network Device collaborative Protection Profile (NDcPP). This EP includes updates and clarification to many requirements and assurance activities and adding the video component to Voice over IP. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=405        

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann163

  NIAP CCEVS Publication #6, Assurance Continuity: Guidance for Maintenance and Re-evaluation, v3.0 (20 September 2016)

NIAP CCEVS has updated their Publication #6, Assurance Continuity: Guidance for Maintenance and Re-evaluation, Version 3.0, and has published to the NIAP website. The updated publication can be found here:  https://www.niap-ccevs.org/Documents_and_Guidance/guidance_docs.cfm.

If you have any questions or concerns, please contact us at 410-854-4458 or by email niap@niap-ccevs.org.     

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann162

  Newest Draft of NDcPP and Supporting Document Released for Public Review (26 July 2016)

The Network iTC is pleased to announce the public review of the next version of the Network Device cPP and Supporting Document. Please visit the Network Device Technical Community page to see the latest drafts and the related comment form. The public commenting period will end August 19, 2016.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann161

  NIAP Progress Report - Second Quarter 2016 Now Available (20 July 2016)

See the NIAP 2nd Quarter Progress report to learn about recent NIAP accomplishments and activities, and upcoming releases. 

See the report.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann160

  Mobile Device Fundamentals Protection Profile Version 3.0 Published (20 June 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Mobile Device Fundamentals, Version 3.0. The PP includes updates based on questions sent to the Technical Rapid Response Team, clarification to many requirements and assurance activities, mandating several objective requirements, adding several new objective requirements, and adding SFRs to support Bring Your Own Device (BYOD) Use Case. This PP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=381     

      

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann157

  MACsec Ethernet Encryption Extended Package Version 1.2 Published (10 May 2016)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the MACsec Ethernet Encryption Extended Package  Version 1.2.  The most notable change from Version 1.1 (March 2016) to Version 1.2 (May 2016) is that the requirement for eXtended Packet Numbering (XPN) was moved from required to optional and the assurance activity was updated to provide more detailed test procedures in accordance with TC feedback. All other changes were typographical.  Given the minimal changes, this version replaces the recently published Version 1.1 which has been sunset, effective immediately. 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann155

  Application Software v1.2 Protection Profile Published (26 April 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Application Software, Version 1.2. The PP includes updates based on completed evaluations as well as questions sent to the Technical Rapid Response Team. This PP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=394

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann154

  NIAP Progress Report - First Quarter 2016 Now Available (29 March 2016)

The NIAP 1st Quarter Progress report reveals greater activity for NIAP scheme participants and partners than in 2015.

See the Report.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann149

  RNG Transitions and the PCL (17 March 2016)

Effective January 2016, the random number/bit generators specified in ANSI X9.31 and DUAL_EC_DRBG are disallowed for the US government. NIST provided notice in SP 800-131A, dated January 2011, and SP 800-131A Revision 1, dated November 2015 about the January 2016 effective date.  As a result, NIAP is no longer posting products using the ANSI X9.31 RNG and/or DUAL_EC_DRBG to the Product Compliant List (PCL). In addition, NIAP is reviewing each product on the PCL  affected by the NIST transition.  Products which only utilize a disallowed RNG will be archived immediately and vendors will be notified. For products which employ multiple RNG/DBRGs, vendors will be given a 30-day timeframe to determine, and submit an Impact Analysis Report (IAR),  if their product may be updated through NIAP's Assurance Continuity process.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann147

  Candidate iTC for Application Software (11 March 2016)

The CCDB Application Software Working Group has completed the Essential Security Requirements for Application Software. Information on how to join the candidate iTC can be found here:

http://www.commoncriteriaportal.org/communities/application_software.cfm

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann146
Site Map              Contact Us              Home