Feds certify lab to test security apps
- By Diane Frank
- Aug 21, 2000
NIAP CC Evaluation and Validation Scheme home page
The government has certified CygnaCom Solutions Inc.'s Security Evaluation
Laboratory to test information security software to assure users that security
products perform the functions that vendors claim.
The laboratory accreditation, announced Aug. 14, comes from the National
Infrastructure Assurance Partnership, a collaboration of the National Institute
of Standards and Technology and the National Security Agency. The partnership
oversees the certification of laboratories and the testing of products under
the Common Criteria Evaluation and Validation Program, an international
standard that experts are encouraging civilian agencies to consider when
purchasing security products.
The CygnaCom laboratory is accredited under the NIST National Voluntary
Laboratory Accreditation Program to perform testing for the first four levels
of evaluation assurance available under the Common Criteria scheme.
National security agencies are already required to give preference to
products that have been accredited under the Common Criteria program. NIST
issued a set of draft guidelines in March suggesting that civilian agencies
also give preference to products that have been accredited under the program.
"Use of products with an appropriate degree of assurance contributes
to security and assurance of the system as a whole and thus should be an
important factor in IT procurement decisions," the draft stated.
NIST is collecting comments, and final guidelines are due later this
A full list of Common Criteria testing laboratories is due soon on the
NIAP Common Criteria site.