WASHINGTON The National Security Agency (NSA) and the National Institute of Standards and Technology (NIST) have selected four industry testing laboratories to evaluate information security products.
NSA (Fort Meade, Md.) and NIST (Gaithersburg, Md.) said Tuesday (Aug.29) that the four labs would follow testing procedures developed by the National Information Assurance Partnership. The government's interagency partnership was formed to evaluate security products like Internet firewalls and encryption algorithms.
Selected as "common criteria testing laboratories" were: Computer Sciences Corp. (Hanover, Md.); CygnaCom Solutions (McLean, Va.); Science Applications International Corp. (Columbia, Md.); and TuViT Inc. (Austin, Texas).
Promoters said the effort would boost the international competitiveness of U.S. producers of information security products by providing objective measures for evaluating the quality and security of new products. Producers counter that the key to the effort will be how quickly they can get their products evaluated and on the market.
The partnership also has an international component. Twelve countries, including Canada, France, Germany, the Netherlands, the United Kingdom and the United States, have adopted common criteria for testing security products. However, some in industry wonder whether the U.S. effort will provide timely testing and reciprocity with countries where their products have already been approved.
NSA said products validated under the testing program would be recognized in all 12 countries where the common testing criteria have been adopted.