ITSEC scores a Hat-rick
|
ITSEC scores a Hat-rick |
The UK ITSEC Scheme's has reached a triple milestone in its history
completing its 100th evaluation since the scheme began in 1990. The evaluation of SoftWinter's SeNTry 2020
is not only the first Common Criteria certificate issued by the scheme but is also the
first ever evaluation under new entry level EAL 11).
The Common Criteria, introduced to replace existing standards in Europe, North America and
Canada has seven assurance levels including the new EAL1 entry assurance level. Tim Moore
Deputy Head of the UK ITSEC scheme commented:
"This is not just an important milestone for the UK ITSEC scheme, it represents a
turning point in the history of international IT security evaluation. Certification of SeNTry 2020 to EAL1
clearly reflects the new flexibility that Common Criteria affords. In addition to the
benefits of having a product evaluated against an internationally recognised standard,
developers are now able to choose and adapt the testing to suit their needs and the needs
of their clients."
SeNTry 2020 is a Windows NT software product that enables the user to store files securely
by generating an encrpyted virtual drive on the host PC hard disk. Wayne Sowery Technical Director. of MIS Europe Ltd commented:
"SeNTry 2020 is a simple yet innovative and effective product which addresses many
security issues present with Windows NT. We wanted the product to be independently
evaluated by an approved body to re-enforce our security claims and give peace of mind to
both existing and potential clients world-wide.
He added;
"ITSEC evaluation under the Common Criteria affords us this opportunity, whilst the
new EAL1 reflects the low sale price of the product and its position as a utility."
Version 1.0 of the Common Criteria was published in 1996 to harmonise the differing
approaches of existing standards in both Europe and the USA. In the past many developers
encountered problems getting products successfully evaluated in one country recognised in
another. Consequently developers incurred a great deal of additional expense evaluating
products twice and users of IT found their choice of merchandise restricted. The Common
Criteria sought to address this matter by creating an internationally recognised standard
and affording greater flexibility in testing to meet the needs of both the developers and
users of IT products. ter terms of business.
Notes to the Editor
About ITSEC
The UK ITSEC (Information Technology Security Evaluation and Certification) scheme is a
government-backed initiative which has been designed specifically to give business
and government an easy means of assessing the security features of various computer
software applications, including firewalls, operating systems, databases, etc. The Scheme
is a joint venture set up by the Department of Trade and Industry (DTI) and the
Government's Communications Electronics Security Group(CESG) and certifies the level
of assurance which can be placed on the tested products or systems. For more
information, contact ITSEC on 01242 238 739 or on the web at http://www.itsec.gov.uk.
24-Jul-1997