Tumbleweed Validation Authority achieves EAL3 certification

Source: Tumbleweed Communications

Tumbleweed Communications Corp. (NASDAQ:TMWD), a leading provider of email security, file transfer security, and identity validation software and appliances, today announced the Tumbleweed Validation Authority product suite has achieved Common Criteria Evaluation Assurance Level (EAL) 3 certification, the strongest protection profile for public key infrastructure (PKI) products.

The certification, which encompasses Tumbleweed Validation Authority responder, repeater, and delegated models of deployment, demonstrates Tumbleweed's commitment to government and commercial requirements worldwide for enterprise-level PKI validation solutions.

Based on widely adopted open standards and technologies, the Tumbleweed Validation Authority solution validates the status of digital certificates in real time, ensuring that revoked credentials cannot be used for secure email, smart card login, web access, wireless, VPN, or other electronic transactions. The Tumbleweed Validation Authority solution is the most widely deployed PKI validation solution in the world. The U.S. Department of Defense, all branches of the U.S. military, the U.S. Department of Homeland Security, the U.S. intelligence community, and top financial institutions globally rely on the Tumbleweed Validation Authority solution to secure their PKI transactions.

"Government and commercial organizations around the world are confronting increasingly complex threats to their networks, data, and users, and Tumbleweed's identity validation technology offers a proven approach to protecting and preserving the integrity of communications," said Ann Smith, Vice President of Federal Sales for Tumbleweed. "This new certification demonstrates Tumbleweed's continued leadership in PKI and provides Validation Authority customers with the assurance that their chosen solution has been tested rigorously against a comprehensive list of internationally recognized security requirements."

The Common Criteria certification serves as an independent, impartial security evaluation that verifies the functional reliability and security of the Tumbleweed Validation Authority product suite. The National Information Assurance Partnership (NIAP), the Common Criteria Evaluation and Validation Scheme (CCEVS), and the Common Criteria Recognition Arrangement (CCRA) awarded the certification on June 8, 2006.

Government agencies and commercial enterprises worldwide use Common Criteria certification as a determining factor in procuring information technology products. To date, 24 countries have adopted and recognize the Common Criteria certification, allowing governmental and commercial organizations operating in these nations to purchase information technology products with the confidence that they are in compliance with widely accepted security standards.

Science Applications International Corp. (SAIC), an accredited independent Common Criteria testing lab, evaluated the Tumbleweed Validation Authority product suite against the "Certificate Issuing and Management Components Family of Protection Profiles, Security Level 3", the strongest profile for PKI products. SAIC adheres to strict standards, considers numerous real-world deployment scenarios, and conducts rigorous and exhaustive testing at the source-code level to determine certifications.

Comments: (0)