Protection Profile, A Key Concept in The Common Criteria

by Nor Ramli
Sept. 1, 2017 0 comments SANS Institute standards

This paper will give a description of the roadmap to the Common Criteria (CC) that basically explains the distinct but related parts and how three key CC user groups namely the consumers, developers and evaluators use them. One of the key concepts in CC is the Protection Profile (PP). A structure of it will be discussed taking an evaluated PP as an example. This is to demonstrate the structure of a PP and how the requirements are achieved from the beginning by considering the security environment and understanding of the Target of Evaluation (TOE). Some issues with regards to PP will also be discussed and that will bring to the conclusion of having a PP as a tool for determining the most suitable product or system that can address the required security features.