Common Criteria Evaluation

Common Criteria Evaluation

Advanced Data Security performs Common Criteria evaluation at Evaluation Assurance Levels (EALs) 1 through 7, with or without a Protection Profile (PP).

The benefit of completing Common Criteria Evaluation is two-fold: achieving a valuable product certification, and improving the security of the product.

The Common Criteria certification consists of the following steps:

1. A Common Criteria workshop is usually performed by the laboratory at a vendor’s site. The workshop covers all applicable Common Criteria and Protection Profile requirements as they apply to your product.

2. We analyze the product information obtained during the workshop and existing vendor documentation. We then conduct a gap analysis to determine potential areas of non-compliance with the requirements of the Common Criteria standard and, if applicable, the requirements of the Protection Profiles.

3. The vendor corrects deficiencies identified during the gap analysis phase, if any.

4. The vendor and the laboratory enter into an evaluation agreement for the evaluation of the product.

5. The vendor submits the product and the product documentation, including the Security Target document, to the laboratory.

6. An evaluation start-up meeting is conducted.

7. The laboratory works with the vendor and the Common Criteria validators to conduct the Common Criteria evaluation of the product. The vendor addresses any deficiencies that are found during the evaluation.

8. After successful completion of the evaluation the laboratory submits the evaluation documents to validators.

9. Upon resolution of validators’ comments, and submission of the final evaluation documents to the Common Criteria validators, the Common Criteria Certificate is issued.