8(495)909-90-01
8(964)644-46-00
pro@sio.su
Главная
Системы видеонаблюдения
Охранная сигнализация
Пожарная сигнализация
Система пожаротушения
Система контроля удаленного доступа
Оповещение и эвакуация
Контроль периметра
Система домофонии
Парковочные системы
Проектирование слаботочных сетей
Аварийный
контроль
Раздел: Документация

0 1 2 3 ... 20

INTERNATIONAL STANDARD

ISO/IEC 15408-1

First edition 1999-12-01

Information technology - Security techniques - Evaluation criteria for IT security -

Part 1:

Introduction and general model

Technologies de information - Techniques de securite - Criteres devaluation pour la securite TI -

Partie 1: Introduction et modele general

Reference number ISO/IEC 15408-1:1999(E)


© ISO/IEC 1999

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the publisher.

ISO/IEC Copyright Office • Case postale 56 • CH-1211 Geneve 20 • Switzerland

Printed in Switzerland


contents

1Scope ........................................................1

2Definitions ....................................................3

2.1Common abbreviations ........................................3

2.2Scope of glossary ............................................3

2.3Glossary ...................................................4

3Overview .....................................................9

3.1Introduction.................................................9

3.2Target audience of the CC .....................................9

3.2.1Consumers ..............................................9

3.2.2Developers ..............................................10

3.2.3Evaluators ...............................................10

3.2.4Others ..................................................10

3.3Evaluation context ...........................................11

3.4Organisation of Common Criteria ...............................12

4General model .................................................13

4.1Security context .............................................13

4.1.1General security context ....................................13

4.1.2Information technology security context .......................15

4.2Common Criteria approach .....................................15

4.2.1Development .............................................16

4.2.2TOE evaluation ...........................................18

4.2.3Operation ...............................................18

4.3Security concepts ............................................18

4.3.1Security environment ......................................20

4.3.2Security objectives ........................................21

4.3.3IT security requirements ....................................22

4.3.4TOE summary specification .................................23

4.3.5TOE implementation .......................................23

4.4CC descriptive material .......................................23

4.4.1Expression of security requirements ...........................23

4.4.2Use ofsecurity requirements ................................25

4.4.3Sources of security requirements .............................27

4.5Types of evaluation ...........................................28

4.5.1PPevaluation ............................................28

4.5.2ST evaluation ............................................28



0 1 2 3 ... 20