GAO: Security Accreditation Program a Tough Sell

    Date31 Mar 2006
    CategoryGovernment
    7604
    Posted ByBrittany Day
    The federal government's program for testing and accrediting the security of commercial technology has not been proven a success, according to a report by the Government Accountability Office. The National Information Assurance Partnership (NIAP), which is sponsored by the National Security Agency and the National Institute of Standards and Technology, was created to make it easier for agencies to find products that meet basic industry standards for security.

    NIAP officials are responsible for implementing the Common Criteria Evaluation and Validation Scheme, a rigorous set of security tests that adhere to international standards. Officials provide technical guidelines to commercial laboratories that conduct tests on the products vendors submit. Once approved, a product is listed on the NIAP Web site. Unfortunately, agencies often find that the products they need are not on the list or that only older versions have been accredited, GAO’s report states.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"5","type":"x","order":"1","pct":45.45,"resources":[]},{"id":"56","title":"No","votes":"6","type":"x","order":"2","pct":54.55,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.