Download now Free registration required
The Common Criteria evaluation and certification is one of the most commonly used process to improve the trust in the security of evaluated products. Nevertheless this methodology has a lot of problems and side-effects that lead to limitations of which the end user should be aware. The aim of this paper is to develop some of these limits. To claim that a product is secure is not an enough proof to provide trust for the user of this product. More formal processes should be applied to check the security level that product provider thinks to reach and to maintain a chain of trust from the manufacturer to the user (banks, mobile phone companies, end-user, etc.).
- Format: PDF
- Size: 639.13 KB