International Standard “ISO/IEC 15408
Information Technology Security Evaluation and Standard”
is a technical standard to evaluate whether the
are properly designed and whether the design is correctly
implemented from the viewpoint of information security.
ISO/IEC 15408 is based on the security evaluation
standard developed by the Common Criteria (CC) project,
which consisted of seven organizations represented
by six European countries and the United States. It was
certified as ISO/IEC standard in June 1999, and
subsequently accredited as JIS X 5070 in July 2000.
With the standard, security functions of IT products/systems can now be systematically evaluated from various viewpoints.
In April 2001, the Japan Information Technology
Security Evaluation and Certification Scheme (JISEC)
was established with the purpose of evaluating security
functions and qualities in IT products/systems.
Various kinds of IT products/systems, including database management, Firewalls, Public Key Infrastructure (PKI), IT systems, IC cards, multi-functional device, digital cameras, etc., have been evaluated and certified under the scheme.
For further information, please visit http://www.ipa.go.jp/security/jisec/jisec_e/index.html and access to “Japan Information Technology Security Evaluation and Certification Scheme (JISEC)” on its top page.
In October 2003, Japan became a participant to Common Criteria Recognition Arrangement (CCRA) which has been operated by 26 countries(as of January 2013) to further enhance the international competitiveness of Japanese IT products.
In April 2004, IPA has started its operation as the Certification Body to conduct information security evaluation and certification.