Corporate Summary
Summary
Name | Information Technology Security Center (IT Security Center) |
Location | 1-1-3 Ohtemachi, Chiyoda-ku, Tokyo 100-0004, Japan |
Services
IT Security Center (ITSC) is accredited as an evaluation and testing organization. Followings are the descriptions of ITSC services;
Evaluation of IT Products based on ISO/IEC 15408
The Japan Information Technology Security Evaluation and Certification Scheme (JISEC) is the international security certification scheme based on ISO/IEC 15408 (also known as Common Criteria: CC) and CC is implemented in 31 countries (18 certified countries and 13 host countries) around the world (as of March, 2023).
In Japan, Information-technology Promotion Agency, Japan (IPA) promotes the scheme as a certification body, and IT Security Center is accreditted as an evaluation body with an assurance level of EAL4.
Testing of cryptographic module and algorithm implementation based on JIS X 19790 (ISO/IEC 19790)
The Japan Cryptographic Module Validation Program (JCMVP) is a cryptographic module testing and validation program conducted by IPA.
Security functions covered by JCMVP consist of public key, symmetric key, hash, message authentication, random number generator, and public key establishment method, etc., and the security functions are validated based on JIS X 19790, mainly the e-government recommended cipher list.
JCMVP also implements a cryptographic algorithm verification system, and IT Security Center is accreditted as a cryptographic module testing organization.
Testing of cryptographic module and algorithm implementation based on FIPS 140-3
The Cryptographic Module Validation Program (CMVP) is a joint effort between the National Institute of Standards and Technology under the Department of Commerce and the Canadian Centre for Cyber Security, a branch of the Communications Security Establishment.
CMVP/CAVP validates security functions based on FIPS PUB 140-3, and IT Security Center is accreditted as a CMVP/CAVP Testing Laboratory. (NVLAP Lab. Code: 200822-0)
History
1987- | Established a “Computer Security Expert Committee,” and then began a survey related to security evaluation standards. |
1992 | Published The Basic Requirements of Computer Security (Security function and Assurance Versions) |
1998 | First trial evaluation in Japan using Common Criteria V1.0 (the basis for ISO/IEC15408) |
1999 | Participated in creation of the JIS standard for security from the International Standard |
2000 | Participated in establishment of the security evaluation/certification scheme in Japan Developed the “System Protection Profile for e-government” |
2001 | Participated in production of the JIS-TR for CEM (Common Methodology for Information Technology Security Evaluation) |
2002 | Acquired authorization as an EAL3 security evaluation facility |
2003 | Acquired authorization as an EAL4 security evaluation facility |
2007 | Became independent organization from JEITA |
2009 | Testing laboratories of CMVP accredited by the National Institute of Standards and Technology, National Voluntary Laboratory Accreditation Program (NVLAP Lab. Code: 200822-0) |
2010 | Testing laboratory of JCMVP accredited by the National Institute of Technology and Evaluation (NITE), and approved by the Information Technology Promotion Agency, Japan (IPA) |