Abstract:
Security Assurance activities are getting much popularity around the global with increased pressure of making cyber space secure. Cyber-space technologies have changed the outlook of war and revenge completely. Now, cyber-criminals can cause damage to individual and organizational assets from comfort of their home even in more severity. Nations are working hard to provide more securer environment of its people. Establishment of strong security rules and standards is one way to sanitize the products and systems from user market before they could cause any harm. Common Criteria is one of globally recognized standard use for such purposes. It provides its consumer with more flexibility and wider choices in product selection. To use the forum of CC, nations sign the agreement (CCRA) to accept the certification provided by CC testing laboratories. There are two categories of CC platform, one consuming member and another authorizing member. Problem with consuming participant is that for each of its indigenous product, participant must connect the authorizing participant which is a long, costly and lengthy procedure. Another problem is that, this procedure cannot be utilized for nation sensitive products. Pakistan currently standing as consuming participant of this forum thus cannot benefit from CC to its fullest. Prime focus for this research was to provide a framework than can lead Pakistan to higher status on CC forum. Specifically providing guidelines for establishing a testing laboratory that is competent enough as per CC to conduct the evaluation of android based mobile application. As Pakistan has huge customer-base for android smartphones and insecure application provide cyber-criminals the easiest entry point to access all valuable resources present in it.
