Evaluation methods and criteria

Criteria and methodology for evaluation, in the current versions used by the Body of Certification:

Common Criteria

LINCE - Certificación Nacional Esencial de Seguridad

The purpose of LINCE is the evaluation and certification of ICT products in order to be included in the CPSTIC catalogue for medium and low ENS levels according to CCN-STIC-107 and CCN-STIC-141 guides. LINCE is also possible to be used for additional ICT security evaluations according to CCN-STIC-106 and CCN-STIC-140 guides.

ITSEC/ITSEM

ISO

  • ISO/IEC 19790:2008, Security Requirements for Cryptographic Modules
  • ISO/IEC 24759:2008, Test Requirements for Cryptographic Modules