NIAP: NIAP CCEVS Announcements
NIAP/CCEVS
  NIAP  »»  Announcements  »»  NIAP Announcements  
NIAP Announcements

  DoD Annex for MDF PP v3.1 (31 July 2017)

The DoD Annex for the Mobile Device Fundamentals Protection Profile (MDF PP) v3.1 has been published to the NIAP Protection Profile website.  This DoD Annex is used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.                  

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann189

  NIAP Progress Report – Second Quarter 2017 (11 July 2017)

See the NIAP Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann188

  NIAP Endorses NDcPP v2.0 (07 July 2017)

NIAP has endorsed the Network Device collaborative Protection Profile v2.0 (NDcPP v2.0) and published the cPP and Supporting Documents to the NIAP Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the ND cPP that demonstrate exact conformance to the cPP, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List.  The updated NDcPP v2.0 allows for evaluation of devices that are suitable for the use cases identified in the ND cPP, to include distributed network devices.    

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann187

  VPN Client EP V2.0 Published (27 June 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the VPN Client Extended Package (VPN Client EP), Version 2.0.  The EP extends the GPOS PP when the VPN client is installed on an operating system (e.g., Windows, Mac OS, Linux),  the MDF PP when the VPN client is installed on a self-contained mobile device that is bundled with an operating system (e.g. Android, BlackBerry OS, iOS, Windows Mobile),  and the App PP when the VPN client is provided by a third party and is a standalone application that is not a bundled part of an operating system or mobile device. This EP describes the security functionality of a software application that runs on a physical or virtual host platform, used to establish a secure IPsec connection between that host platform and a remote system.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann186

Previous Announcements

  Mobile Device Fundamentals Protection Profile v3.1 Published! (16 June 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Mobile Device Fundamentals Protection Profile version 3.1 (MD PP v3.1).  Updates were made to modify several biometric requirements and to incorporate all applicable NIAP Technical Decisions. Given the minimal changes, this version replaces Version 3.0, which will be sunsetted next month.

Please follow the link for more information:

https://www.niap-ccevs.org/Profile/Info.cfm?id=417

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann185

  Full Drive Encryption (FDE) Enterprise Management Draft Available for Public Review (10 May 2017)

The FDE iTC has released the draft Enterprise Management module for public review.  Please visit the FDE Technical Community page to review the draft and related comment forms.  The public comment period will close on Friday, 26 May 2017.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann183

  DHS Releases Study on Mobile Device Security (04 May 2017)

The Department of Homeland Security (DHS) has submitted a report to Congress that details current and emerging threats to the Federal government’s use of mobile devices and recommends security improvements to the mobile device ecosystem.  Mandated by the Cybersecurity Act of 2015, the “Study on Mobile Device Security” relied on significant input from mobile industry vendors, carriers, service providers and academic researchers.

The Study recommends adoption of mobile security criteria found in NIAP Protection Profiles as a way to provide increased assurance for mobile devices.  NIAP encourages vendor and end user participation in Technical Communities to collaboratively define security requirements for commercial technologies.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann182

  NIAP Progress Report – First Quarter 2017 (31 March 2017)

See the NIAP first Quarter Progress report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann181

  Call for Participants for File Encryption Technical Community (13 March 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community for the update of the File Encryption Extended Profile (EP).  Members of this TC are expected to provide technical input to update the EP to include requirements for enterprise management and update the requirements for multi-user support.

All interested parties should contact NIAP/CCEVS at tc-file-staff@niap-ccevs.org, providing the information listed below for each potential participant:

• Name
• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
• Telephone number
• Email address
• A brief statement of the qualifications for participation in the TC
• In addition, if there are other issues recommended to include for this update, please provide a brief description for consideration.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann179

  VPN Gateway Extended Package Version 2.1 Published (08 March 2017)

 

The  National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the VPN Gateway Extended Package Version 2.1.  Minor updates were made to add the FWcPP as an additional base PP and transport mode is no longer mandated in IPSEC communication.  All other changes were typographical and formatting for consistency across EPs.  Given the minimal changes, this version replaces the Version 2.0 which has been sunset, effective immediately.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann178

  Call for Participants for PSS Technical Community (01 March 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community for the update of the Peripheral Sharing Switch Protection Profile version 3.0. Members of this TC are expected to provide technical input to update the Protection Profile for products that provide a PSS capability.

All interested parties should contact NIAP/CCEVS at tc-pss-staff@niap-ccevs.org, providing the information listed below for each potential participant:

• Name

• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other) 

• Telephone number

• Email address

• A brief statement of the qualifications for participation in the TC

NIAP plans to hold the Kick-Off meeting on Wednesday, 15 March 2017.  We look forward to your participation!       

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann177

  Call for Participants for SSL/TLS Inspection Technical Community (08 February 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a technical community for the development of a protection profile for TLS Inspection products. Members of this TC are expected to provide technical input to the development of Protection Profile for products that provide a TLS inspection capability.

All interested parties should contact NIAP/CCEVS at tc-tlsi-staff@niap-ccevs.org, providing the information listed below for each potential participant: 

 

Name 

 

Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)  

 

Telephone number 

 

Email address 

 

A brief statement of the qualifications for participation in the TC

 

 

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann176

  NIAP 2016 Report (19 January 2017)

NIAP has released the progress report for 2016 that documents significant accomplishments and looks further ahead into 2017.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann175

  Mobile Device Management Protection Profile v3.0 and Mobile Device Management Agents Extended Package v3.0 Published (07 December 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Mobile Device Management, Version 3.0 (MDM PP v3.0) and MDM Agents Extended Package, Version 3.0 (MDM Agent EP v3.0). This PP/EP includes updates based on questions sent to the Technical Rapid Response Team, clarification to many requirements and assurance activities, and adding SFRs to support Bring Your Own Device (BYOD) Use Case. This PP/EP can be found here:  https://www.niap-ccevs.org/Profile/PP.cfm      

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann174

  Updated DoD Annexes for MDM PP and MDM Agent PP v2.0 (29 November 2016)

An updated version of the DoD Annex for the Mobile Device Management Protection Profile (MDM PP) v2.0 and MDM Agent PP v2.0 has been published to the NIAP Protection Profile website.  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.     

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann173

  NIAP Policy #5, Policy #5 Frequently Asked Questions, and CAVP Mapping Document (21 November 2016)

NIAP CCEVS Policy #5: "Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) to NIAP’s Common Criteria Evaluation and Validation Scheme (CCEVS)" and "Frequently Asked Questions for NIAP Policy #5" have been updated and published to the NIAP website. In addition, an accompanying CAVP Mapping Document has been published. Policy #5, Policy #5 FAQ, and the CAVP mapping document provide clarification and guidance of how NIST's  algorithm  and module validations are determined to be acceptable as evidence for meeting some PP/cPP assurance activities.

The documents can be  found here:  https://www.niap-ccevs.org/Documents_and_Guidance/policy.cfm

If you have any questions or concerns, please contact us at 410-854-4458 or by email niap@niap-ccevs.org.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann171

  Enterprise Session Controller Extended Package (ESC EP) Version 1.0 Published (04 November 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Enterprise Session Controller Extended Package (ESC EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP). This EP describes the security functionality of a telecommunication switch where its primary function is to set up, process, and terminate voice & video calls over an enterprise-wide Internet Protocol (IP) network. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=396        

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann169

  MDF PP DoD Annexes Published (25 October 2016)

NIAP is pleased to announce that the DoD Annex for Mobile Device Fundamentals Protection Profile (MDF PP) v3.0 has been published to the NIAP Protection Profile website.  An updated version of the DoD Annex for MDF PP v2.0 has also been published .  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.           

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann167

  Voice/Video over IP Extended Package Version 1.0 Published (11 October 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Voice/Video over IP  Extended Package (VVoIP EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP) and Software Application Protection Provile (APP PP). This EP  describes the security functionality of a VVoIP endpoint.  The most notable additions are requirements for the call control protocol and streaming media protocol. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=399     

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann166

  Wireless Intrusion Detection/Prevention Extended Package (WIDS/WIPS EP), Version 1.0 Published (07 October 2016)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Wireless Intrusion Detection/Prevention Extended Package (WIDS/WIPS EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP). This EP is for products that provide network security administrators with the ability to monitor, collect, log, and react in real-time to potentially malicious network traffic. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=395.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann164

  Session Border Controller Extended Package Version 1.1 Published (03 October 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Session Border Controller Extended Package (SBC EP), Version 1.1, to the Network Device collaborative Protection Profile (NDcPP). This EP includes updates and clarification to many requirements and assurance activities and adding the video component to Voice over IP. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=405        

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann163
Site Map              Contact Us              Home