Figure 4.7 - Use of security requirements

4.4.2.1 Package

An intermediate combination of components is termed a package. The package permits the expression of a set of functional or assurance requirements that meet an identifiable subset of security objectives. A package is intended to be reusable and to define requirements that are known to be useful and effective in meeting the identified objectives. A package may be used in the construction of larger packages, PPs, and STs.

The evaluation assurance levels (EALs) are predefined assurance packages contained in Part 3. An EAL is a baseline set of assurance requirements for evaluation. EALs each define a consistent set of assurance requirements. Together, the EALs form an ordered set that is the predefined assurance scale of the CC.

4.4.2.2 Protection Profile

The PP contains a set of security requirements either from the CC, or stated explicitly, which should include an EAL (possibly augmented by additional assurance components). The PP permits the implementation independent expression of security requirements for a set of TOEs that will comply fully with a set of security objectives. A PP is intended to be reusable and to define TOE requirements that are known to be useful and effective in meeting the identified objectives, both for functions and assurance. A PP also contains the rationale for security objectives and security requirements.

A PP could be developed by user communities, IT product developers, or other parties interested in defining such a common set of requirements. A PP gives consumers a means of referring to a specific set of security needs and facilitates future evaluation against those needs.

4.4.2.3 Security Target

An ST contains a set of security requirements that may be made by reference to a PP, directly by reference to CC functional or assurance components, or stated explicitly. An ST permits the expression of security requirements for a specific TOE that are shown, by evaluation, to be useful and effective in meeting the identified objectives.

An ST contains the TOE summary specification, together with the security requirements and objectives, and the rationale for each. An ST is the basis for agreement between all parties as to what security the TOE offers.

4.4.3 Sources of security requirements

TOE security requirements can be constructed by using the following inputs:

a) Existing PPs
The TOE security requirements in an ST may be adequately expressed by, or are intended to comply with, a pre-existing statement of requirements contained in an existing PP. Existing PPs may be used as a basis for a new PP.

b) Existing packages
Part of the TOE security requirements in a PP or ST may have already been expressed in a package that may be used. A set of predefined packages is the EALs defined in Part 3. The TOE assurance requirements in a PP or ST should include an EAL from Part 3.

c) Existing functional or assurance requirements components
The TOE functional or assurance requirements in a PP or ST may be expressed directly, using the components in Part 2 or 3.

d) Extended requirements
Additional functional requirements not contained in Part 2 and/or additional assurance requirements not contained in Part 3 may be used in a PP or ST.

Existing requirements material from Parts 2 and 3 should be used where available. The use of an existing PP will help to ensure that the TOE will meet a well known set of needs of known utility and thus be more widely recognised.

4.5 Types of evaluation

4.5.1 PP evaluation

The PP evaluation is carried out against the evaluation criteria for PPs contained in Part 3. The goal of such an evaluation is to demonstrate that the PP is complete, consistent, and technically sound and suitable for use as a statement of requirements for an evaluatable TOE.

4.5.2 ST evaluation

The evaluation of the ST for the TOE is carried out against the evaluation criteria for STs contained in Part 3. The goal of such an evaluation is twofold: first to demonstrate that the ST is complete, consistent, and technically sound and hence suitable for use as the basis for the corresponding TOE evaluation; second, in the case where an ST claims conformance to a PP, to demonstrate that the ST properly meets the requirements of the PP.

4.5.3 TOE evaluation

The TOE evaluation is carried out against the evaluation criteria contained in Part 3 using an evaluated ST as the basis. The goal of such an evaluation is to demonstrate that the TOE meets the security requirements contained in the ST.

4.6 Assurance maintenance

TOE assurance maintenance is carried out against the evaluation criteria contained in Part 3 using a previously evaluated TOE as the basis. The goal is to derive confidence that assurance already established in a TOE is maintained and that the TOE will continue to meet its security requirements as changes are made to the TOE or its environment.