Common Criteria Certification in China: A comparison with the schemes of the CCRA

atsec invites you to take a look at the current state of IT security standards in China, as compiled by Helmut Kurth, Yan Liu, David Ochel and Fiona Pattinson (atsec information security) and Zhang Li (China Information Technology Security Certification Center).

As a component of its expansion into the information technology sector during the past two decades, the Chinese government has initiated multiple efforts aimed at establishing standards and criteria related to information security. In many ways, these efforts mirror international efforts during the same period, focusing on setting criteria for security protection levels and related evaluation criteria. This article offers a summary of the current state of IT security organizations and standards in China, including mapping the Chinese IT security standards to relevant international standards. The article also provides an assessment of the limitations inherent in current Chinese standards and suggests some likely directions for future development.

Please read the complete article at: http://www.atsec.com/01/comparison-ccra-it-security-standards-china-page1.html

About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in January 2000 and has extensive international operations with offices in the U.S., Sweden, the UK, and China. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf.