The ITSEC document defines the assurance criteria against which a system or a product will be evaluated. These criteria are grouped and rated from E1 to E6 and permit to estimate the confidence in the correctness and the effectiveness of the security functions, which enforce maintenance of confidentiality, integrity and availability. The declared goals for the Common Criteria (CC) are
- to be the vehicle by which North American and European authors of existing criteria (i.e. ITSEC, CTCPEC, Federal Criteria and TCSEC) present aligned criteria for the evaluation of IT security properties;
- to form an input to the activities leading to the construction and adoption of international standards for IT security evaluation;
- to preserve vendor and user investment in existing criteria following adoption of a unified international standard based on the CC;
- to facilitate the development of an international market in IT security products through mutual recognition of both requirements and evaluations ;
- to be extensible so that other interest groups may contribute to and benefit from the aligned criteria ;
- to incorporate advances in IT security technology which have taken place since publication of existing standards and to improve the utility of the criteria.