Системы видеонаблюдения
Охранная сигнализация
Пожарная сигнализация
Система пожаротушения
Система контроля удаленного доступа
Оповещение и эвакуация
Контроль периметра
Система домофонии
Парковочные системы
Проектирование слаботочных сетей
Раздел: Документация

0 ... 3 4 5 6 7 8 9 ... 20

f) evaluation authorities responsible for the management and oversight of IT security evaluation programmes.

3.3 Evaluation context

In order to achieve greater comparability between evaluation results, evaluations should be performed within the framework of an authoritative evaluation scheme that sets the standards, monitors the quality of the evaluations and administers the regulations to which the evaluation facilities and evaluators must conform.

The CC does not state requirements for the regulatory framework. However, consistency between the regulatory frameworks of different evaluation authorities will be necessary to achieve the goal of mutual recognition of the results of such evaluations. Figure 3.1 depicts the major elements that form the context for evaluations.

Use of a common evaluation methodology contributes to the repeatability and objectivity of the results but is not by itself sufficient. Many of the evaluation criteria require the application of expert judgement and background knowledge for which consistency is more difficult to achieve. In order to enhance the consistency of the evaluation findings, the final evaluation results could be submitted to a certification process. The certification process is the independent inspection of the results of the evaluation leading to the production of the final certificate or approval. The certificate is normally publicly available. It is noted that the certification process is a means of gaining greater consistency in the application of IT security criteria.

The evaluation scheme, methodology, and certification processes are the responsibility of the evaluation authorities that run evaluation schemes and are outside the scope of the CC.

Evaluation Criteria (the CC)

Evaluation Methodology

Evaluation Scheme

Final Evaluation Results

I Approve/ \ Certify Г

List of Certificates/ Register

Figure 3.1 - Evaluation context

3.4 Organisation of Common Criteria

The CC is presented as a set of distinct but related parts as identified below. Terms used in the description of the parts are explained in clause 4.

a)Part 1, Introduction and general model, is the introduction to the CC. It defines general concepts and principles of IT security evaluation and presents a general model of evaluation. Part 1 also presents constructs for expressing IT security objectives, for selecting and defining IT security requirements, and for writing high-level specifications for products and systems. In addition, the usefulness of each part of the CC is described in terms of each of the target audiences.

b)Part 2, Security functional requirements, establishes a set of functional components as a standard way of expressing the functional requirements for TOEs. Part 2 catalogues the set of functional components, families, and classes.

c)Part 3, Security assurance requirements, establishes a set of assurance components as a standard way of expressing the assurance requirements for TOEs. Part 3 catalogues the set of assurance components, families and classes. Part 3 also defines evaluation criteria for PPs and STs and presents evaluation assurance levels that define the predefined CC scale for rating assurance for TOEs, which is called the Evaluation Assurance Levels (EALs).

In support of the three parts of the CC listed above, it is anticipated that other types of documents will be published, including technical rationale material and guidance documents.

The following table presents, for the three key target audience groupings, how the parts of the CC will be of interest.

Table 3.1 - Roadmap to the Common Criteria




Part 1

Use for background information and reference purposes. Guidance structure for PPs.

Use for background information and reference for the development of requirements and formulating security specifications for TOEs.

Use for background information and reference purposes. Guidance structure for PPs and STs.

Part 2

Use for guidance and reference when formulating statements of requirements for security functions.

Use for reference when interpreting statements of functional requirements and formulating functional specifications for TOEs.

Use as mandatory statement of evaluation criteria when determining whether a TOE effectively meets claimed security functions.

Part 3

Use for guidance when determining required levels of assurance.

Use for reference when interpreting statements of assurance requirements and determining assurance approaches of TOEs.

Use as mandatory statement of evaluation criteria when determining the assurance of TOEs and when evaluating

PPs and STs.

4 General model

This clause presents the general concepts used throughout the CC, including the context in which the concepts are to be used and the CC approach for applying the concepts. Part 2 and Part 3 expand on the use of these concepts and assume that the approach described is used. This clause assumes some knowledge of IT security and does not propose to act as a tutorial in this area.

The CC discusses security using a set of security concepts and terminology. An understanding of these concepts and the terminology is a prerequisite to the effective use of the CC. However, the concepts themselves are quite general and are not intended to restrict the class of IT security problems to which the CC is applicable.

4.1 Security context 4.1.1 general security context

Security is concerned with the protection of assets from threats, where threats are categorised as the potential for abuse of protected assets. All categories of threats should be considered; but in the domain of security greater attention is given to those threats that are related to malicious or other human activities. Figure 4.1 illustrates high level concepts and relationships.



wish to minimise



that may be

to reduce

reduced by


that may possess

may be aware of


Threat agents

give rise to



leading to


that increase




wish to abuse and/or may damage


Figure 4.1 - Security concepts and relationships

0 ... 3 4 5 6 7 8 9 ... 20