If civilian agencies join the national security community in limiting technology purchases to items that have gone through independent evaluation, it could spur vendors to submit more products for certification, officials testified today before a House subcommittee. . .
If civilian agencies join the national security community in limiting technology purchases to items that have gone through independent evaluation, it could spur vendors to submit more products for certification, officials testified today before a House subcommittee.

The national security community and the Defense Department already require any product with a security component, from a firewall to an operating system, to go through an independent evaluation that includes the Common Criteria, a set of tests to make sure that security-related products actually perform the way a vendor states.

As agencies come together to use the Common Criteria to craft protection profiles -- descriptions of security characteristics an agency would like for its IT components -- the number of certified products is increasing. The trend would move even faster if civilian agencies were to join in the demand, said Michael Fleming, chief of the Information Assurance Solutions Group in the National Security Agency's Information Assurance Directorate.

The link for this article located at FCW is no longer available.