NIAP: NIAP Home Page
NIAP/CCEVS Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 


  • VPN Client EP V2.0 Published

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the VPN Client Extended Package (VPN Client EP), Version 2.0.  The EP extends the GPOS PP when the VPN client is installed on an operating system (e.g., Windows, Mac OS, Linux),  the MDF PP when the VPN client is installed on a self-contained mobile device that is bundled with an operating system (e.g. Android, BlackBerry OS, iOS, Windows Mobile), ...

    Read More

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Mobile Device Fundamentals Protection Profile version 3.1 (MD PP v3.1).  Updates were made to modify several biometric requirements and to incorporate all applicable NIAP Technical Decisions. Given the minimal changes, this version replaces Version 3.0, which will be sunsetted next month.

    Please follow the link fo...

    Read More

  • The FDE iTC has released the draft Enterprise Management module for public review.  Please visit the FDE Technical Community page to review the draft and related comment forms.  The public comment period will close on Friday, 26 May 2017.

  • The Department of Homeland Security (DHS) has submitted a report to Congress that details current and emerging threats to the Federal government’s use of mobile devices and recommends security improvements to the mobile device ecosystem.  Mandated by the Cybersecurity Act of 2015, the “Study on Mobile Device Security” relied on significant input from mobile industry vendors, carriers, service provider...

    Read More

  • See the NIAP first Quarter Progress report to learn about recent NIAP accomplishments and activities, and upcoming releases.

    Read the report here

  • Want more news?

    Check out all the announcements online or...

    subscribe.













  Focus Areas

Industry
 
U.S. Government
 
International Partners
  Events


Site Map              Contact Us