NSA and NIST complete profiles for security needs
Myers made his comments today at the Federal Information Assurance Conference at the University of Maryland.
Protection Profile development began about two years ago as a cooperative program between NIST, which develops standards for nonclassified IT products, and NSA, which handles requirements for the classified and intelligence community. Because the Common Criteria program only evaluates IT products against the manufacturer's claims, without required security specifications, the Protection Profiles will give users a way to determine how robust a product's security features are.
The profiles specify three levels of security: basic, medium and high.
The link for this article located at GCN.com is no longer available.