NIAP: NIAP Home Page
NIAP/CCEVS Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 


  • Updated DoD Annexes for MDM PP and MDM Agent PP v2.0

    An updated version of the DoD Annex for the Mobile Device Management Protection Profile (MDM PP) v2.0 and MDM Agent PP v2.0 has been published to the NIAP Protection Profile website.  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.     

     

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Virtualization (Base) Version 1.0, the Protection Profile for Virtualization Extended Package – Server Virtualization Version 1.0 and the Protection Profile for Virtu...

    Read More

  • NIAP CCEVS Policy #5: "Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) to NIAP’s Common Criteria Evaluation and Validation Scheme (CCEVS)" and "Frequently Asked Questions for NIAP Policy #5" have been updated and published to the NIAP website. In addition, an accompanying CAVP Mapping Document has been published. Policy #5, Policy #5 FAQ, and the CAVP mapping document provide clarification and guidance of how NIST's ...

    Read More

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Certificate Authorities Protection Profile version 2.0.   A CA system is an entity that issues and manages public-key certificates and is the primary component of a public key infrastructure (PKI), which consists of programs, data formats, procedures, communication protocols, secu...

    Read More

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Enterprise Session Controller Extended Package (ESC EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP). This EP describes the security functionality of a telecommunication switch where its primary function is to set up, process, and terminate voice & video calls over an enterprise-wide Internet Protocol (IP) network. The EP can be...

    Read More

  • See the NIAP 3rd Quarter Progress report to learn about recent NIAP accomplishments and activities, and upcoming releases.

    See the report.

     

  • MDF PP DoD Annexes Published

    NIAP is pleased to announce that the DoD Annex for Mobile Device Fundamentals Protection Profile (MDF PP) v3.0 has been published to the NIAP Protection Profile website.  An updated version of the DoD Annex for MDF PP v2.0 has also been published .  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks. &nb...

    Read More

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Voice/Video over IP  Extended Package (VVoIP EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP) and Software Application Protection Provile (APP PP). This EP  describes the security functionality of a VVoIP endpoint.  The most notable additions are requirements for the call control protocol and streaming media protocol. The ...

    Read More

  • Wireless Intrusion Detection/Prevention Extended Package (WIDS/WIPS EP), Version 1.0 Published

     

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Wireless Intrusion Detection/Prevention Extended Package (WIDS/WIPS EP), Version 1.0, to the Network Device collaborative Protection Profile (NDcPP). This EP is for products that provide network security administrators with the ability to monitor, collect, log, and react ...

    Read More

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Session Border Controller Extended Package (SBC EP), Version 1.1, to the Network Device collaborative Protection Profile (NDcPP). This EP includes updates and clarification to many requirements and assurance activities and adding the video component to Voice over IP. The EP can be found here: https://www.niap-ccevs.org/Profile/Info.cfm?id=405   &nbs...

    Read More

  • NIAP CCEVS has updated their Publication #6, Assurance Continuity: Guidance for Maintenance and Re-evaluation, Version 3.0, and has published to the NIAP website. The updated publication can be found here:  https://www.niap-ccevs.org/Documents_and_Guidance/guidance_docs.cfm.

    If you have any questions or concerns, please contact us at 410-854-4458 or by email niap@niap-ccevs.org.     

  • Want more news?

    Check out all the announcements online or...

    subscribe.













  Focus Areas

Industry
 
U.S. Government
 
International Partners
  Events


Site Map              Contact Us