Decoding Common Criteria Certifications for Mobility
The Common Criteria is an internationally recognized set of guidelines (ISO 15408) that defines a common framework for evaluating the security features and capabilities of commercial-off-the-shelf (COTS) Information Technology security products.
In October 2013, the US Government’s Common Criteria Evaluation and Validation Scheme (CCEVS) announced Protection Profiles for Mobile Devices (MD) and Mobile Device Management (MDM) systems. These Protection Profiles specify the requirements that specific technology types must meet in Common Criteria evaluations.
This whitepaper explains what these Protection Profiles mean for vendors, integrators, and compliance teams pursuing Common Criteria certification, and clarifies how the FIPS 140 framework intersects with these expectations.
Inside You’ll Discover:
- The core encryption expectations in MDPP and MDMPP, including protected communications and secure data storage requirements.
- How Common Criteria and FIPS 140 interconnect and diverge, and why FIPS validation is often a prerequisite for Common Criteria certification.
- Reference tables mapping Security Functional Requirements (SFRs) to CryptoComply cryptographic functions for easy comparison.
- Best practices to accelerate mobility certification and prepare for Unified Capabilities Approved Products List (UC APL) submission.
Complete the form to get the free whitepaper now!
