The government's plan to pressure software vendors to build more secure products seems to be gathering a bit of momentum. A major part of the National Strategy to Secure Cyberspace, the idea involves using market pressures and the government's purchasing power . . .
The government's plan to pressure software vendors to build more secure products seems to be gathering a bit of momentum. A major part of the National Strategy to Secure Cyberspace, the idea involves using market pressures and the government's purchasing power to influence vendors' development practices.

important component of this plan is the National Information Assurance Partnership's Common Criteria testing program, which validates the security and reliability of a given product. The program is a partnership between the National Security Agency and the National Institute of Standards and Technology. NIAP has been around for a while, but until some government agencies began purchasing only NIAP-certified products whenever possible, it hadn't been a priority for many vendors.

But that may be changing. On Tuesday SuSE Linux AG and IBM announced that SuSE's flagship Enterprise Server 8.0 running on an IBM eServer xSeries box had received the Common Criteria certification. This is a first for the open-source operating system, which has attracted both criticism and praise from the security community. The certification is seen as an important step in Linux's continued penetration of the government market.

The link for this article located at eWeek is no longer available.