lotus



previous page: 05  How do I contact the TPEP?
  
page up: Computer Security Evaluation FAQ
  
next page: 07  What is Dockmaster? (Computer Security Evaluation)

06 What is the TTAP? (Computer Security Evaluation)




Description

This article is from the Computer Security Evaluation FAQ, by Trusted Product Evaluation Program TPEP@dockmaster.ncsc.mil.

06 What is the TTAP? (Computer Security Evaluation)

The Trust Technology Assessment Program (TTAP) is a joint
National Security Agency (NSA) and National Institute of
Standards and Technology (NIST) effort to commercialize the
evaluation of commercial-off-the-shelf (COTS) products at the
lower levels of trust. Under the auspice of the National
Voluntary Laboratory Accreditation Program (NVLAP), TTAP will
establish, accredit and oversee commercial evaluation
laboratories focusing initially on products with features and
assurances characterized by the Trusted Computer System
Evaluation Criteria (TCSEC) B1 and lower levels of trust
(see Section II, Question 2 and Section III, Question 4).
Vendors desiring a level of trust evaluation will contract with
an accredited laboratory and pay a fee for their product's
evaluation. (see <http://csrc.ncsl.nist.gov/ttap/>)

TTAP approval and oversight mechanisms will assure continued
quality and fairness. Using the NVLAP model of standardized
testing and analysis procedures, TTAP will strive to achieve
mutual recognition of evaluations with other nations. The
European Community evaluations are performed under the purview
of national test standardization bodies associated with NVLAP.

The TTAP is being established with a planned transition from
TCSEC based evaluations to Common Criteria based evaluations
(see Section II, Question 8). The implementation of the Common
Criteria will occur upon acceptance of the Common Criteria and
the Common Evaluation Methodology, which is in the process of
being developed.

 

Continue to:













TOP
previous page: 05  How do I contact the TPEP?
  
page up: Computer Security Evaluation FAQ
  
next page: 07  What is Dockmaster? (Computer Security Evaluation)