Abstract:
SWEDISH COMMON CRITERIA NATIONAL SCHEME
SWEDAC is the Swedish signatory and member
of the Common Criteria Recognition Arrangement, CCRA.
SWEDAC is a public authority under the Ministry for
Foreign Affairs and Ministry of Trade and the national accreditation
body, assessing the competence of laboratories, certification and
inspection bodies etc. SWEDAC is a member of EA (European co-operation
for Accreditation) and corresponding organizations on international
level ILAC (International Laboratory Accreditation Cooperation) and
IAF (International Accreditation Forum). SWEDAC operates nationally
and internationally to encourage the principles of harmonization for
analysis, testing, calibration, certification and inspection in the
interest of improved safety and encouragement of free trade.
SWEDAC is responsible for the National CC Scheme in
Sweden.
The National CC Scheme in Sweden is built on the following:
| |
An open scheme with accreditation of CBs and ITSEFs built on the Swedish law
SFS 1992:119 and the Swedish Ordinance 1993:1065. |
| |
Specific requirements for accreditation of CBs in the area of Common Criteria
are found in SWEDAC regulation STAFS 2003:3 (Including
EN 45011 and the requirements from Common Criteria) |
| |
Specific requirements for accreditation of ITSEFs in the area of Common Criteria
are found in SWEDAC regulation STAFS 2003:2 (including
EN 45011 and the requirements from Common Criteria). |
Sweden is since 2002 a member of the CCRA. SWEDAC is as signatory responsible
for:
| |
the administration of the CCRA regulations in Sweden (se above) |
| |
make information about certificates public |
| |
marketing of the CCRA scheme |
| |
information and education |
AN INTRODUCTION TO THE SWEDISH CERTIFICATION BODY FOR IT SECURITY, CSEC
CSEC, an entity within the Swedish Defence Materiel Administration (FMV),
has been appointed by the government to establish a national scheme for evaluation
and certification of IT-security products according to the CCRA.
Within the
scope of the Scheme, CSEC responsibilities includes:
| |
To establish, operate and maintain an evaluation and certification scheme for
the CSEC CB. |
| |
To license evaluation facilities according to the principles of the CCRA. |
| |
To give support, advice and training on the use of Common Criteria. |
| |
To publish a list of certified products and licensed ITSEFs. |
| |
To exercise supervision of the licensed evaluation facilities with regard to
competence and methodology. |
| |
To exercise oversight of ongoing evaluation assignments and review evaluation
reports. |
| |
To issue Common Criteria certificates. |
| |
To participate in international cooperation with the purpose of achieving international
recognition of Swedish certificates and the continued improvement
of the evaluation methodology. |
This presentation will provide an overview of the organization and status of
CSEC and the core processes of the Common Criteria Evaluation and
Certification Scheme for CSRA.