IT security evaluation and certification initiatives

IPA runs a program named Japan Information Technology Security Evaluation and Certification Scheme (JISEC) to evaluate security adequacy and reliability of IT products based on the ISO/IEC 15408 international standard. The program is for optimized security of government systems that handle highly confidential information as using certified products in those systems will reduce their security risks.

• JISEC

Cryptographic functions are embedded in electronic devices, such as smartphones and encrypted USB drives, to prevent unauthorized access and tampering of stored data. IPA facilitates the safe use of software and electronic devices through a program that checks the suitability and reliability of the cryptographic functions embedded in those devices based on the ISO/IEC 19790 international standard.

• JCMVP

Encryption technology is one of the critical elements in cybersecurity. IPA operates Cryptography Research and Evaluation Committees (CRYPTREC) that evaluate encryption technology in cooperation with relevant organizations*. CRYPTREC publishes the CRYPTREC Ciphers List, which specifies encryption technologies recommended for system procurement and use by government agencies. In addition, CRYPTREC publishes guidelines and reports that government agencies and enterprises can refer to when using encryption technologies.