|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Mike Ruscher (Mike.Ruscher
CSE-CST.GC.CA)Date: Thu Jan 18 2001 - 10:33:08 CST
Well perhaps I may offer something on this subject. I think the type of
certification at issue is something along the lines of what used to be a
Trusted Products Evaluation Program (TPEP) evaluations and subsequent orange
book rating on a "preferred products list" (PPL).
The evaluation criteria for IT security products in place today is the
Common Criteria and the evaluations are largely done at commercial
accredited laboratories in various countries who have agreed to unilateral
acceptance of the results.
I don't know of any IDS product which have been evaluated offhand, but I
know that there has been some work done on a Protection Profile (PP)
development for IDS products.
Here are some relevant links to get things started:
http://csrc.nist.gov/cc/index.html
http://www.iatf.net/protection_profiles/profiles.cfm
http://www.cse-cst.gc.ca/cse/criteria/english/index.htm
Mike Ruscher, ITS Specialist I2, CSE/CST
mgruschercse-cst.gc.ca
Phone: +1 613 991-8040
ED/C200
http://www.cse-cst.gc.ca
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]