Common Criteria is an internationally approved set of security standards that provides a clear and reliable evaluation of the security capabilities of Information Technology products.
By providing an independent assessment of a product's ability to meet security standards, Common Criteria gives customers more confidence in the security of Information Technology products and leads to more informed decisions. Security-conscious customers, such as the U.S. Federal Government, are requiring Common Criteria certification as a determining factor in purchasing decisions. Since the requirements for certification are clearly established, vendors can target very specific security needs while providing broad product offerings.
The international scope of Common Criteria, currently adopted by fourteen nations, allows users from other countries to purchase Information Technology products with the same level of confidence, since certification is recognized across all complying nations.
Evaluating a product with respect to security requires identification of the customer's security needs and an assessment of the capabilities of the product. Common Criteria aids customers in both of these processes through two key components: protection profiles and evaluation assurance levels.
See the following resources for further information: