8(495)909-90-01
8(964)644-46-00
pro@sio.su
Главная
Системы видеонаблюдения
Охранная сигнализация
Пожарная сигнализация
Система пожаротушения
Система контроля удаленного доступа
Оповещение и эвакуация
Контроль периметра
Система домофонии
Парковочные системы
Проектирование слаботочных сетей
Аварийный
контроль
Раздел: Документация

0 1 2 3 4 5 ... 117

L.5TOE access history (FTA TAH) ................................339

L.6TOE session establishment (FTA TSE) ...........................340

Annex M Trusted path/channels (FTP) .....................................341

M. 1Inter-TSF trusted channel (FTP ITC) ............................342

M.2Trusted path (FTP TRP) ......................................343


List of Figures

Figure 1.1 -

Security functional requirements paradigm (Monolithic TOE) .....

....... 3

Figure 1.2 -

Diagram of security functions in a distributed TOE ..............

....... 4

Figure 1.3 -

Relationship between user data and TSF data ..................

....... 7

Figure 1.4 -

Relationship between "authentication data" and "secrets" .........

....... 8

Figure 2.1 -

Functional class structure ..................................

...... 9

Figure 2.2 -

Functional family structure .................................

10

Figure 2.3 -

Functional component structure .............................

12

Figure 2.4 -

Sample class decomposition diagram .........................

....... 15

Figure 3.1 -

Security audit class decomposition ...........................

....... 17

Figure 4.1 -

Communication class decomposition .........................

....... 31

Figure 5.1 -

Cryptographic support class decomposition ....................

...... 37

Figure 6.1 -

User data protection class decomposition ......................

....... 44

Figure 6.2 -

User data protection class decomposition (cont.) ................

....... 45

Figure 7.1 -

Identification and authentication class decomposition ............

....... 78

Figure 8.1 -

Security management class decomposition ....................

....... 92

Figure 9.1 -

Privacy class decomposition ................................

105

Figure 10.1 -

Protection of the TSF class decomposition .....................

.......116

Figure 10.2 -

Protection of the TSF class decomposition (Cont.) ..............

.......117

Figure 11.1 -

Resource utilisation class decomposition ......................

145

Figure 12.1 -

TOE access class decomposition ............................

.......153

Figure 13.1 -

Trusted path/channels class decomposition ....................

.......163

Figure A.1 -

Functional class structure ..................................

169

Figure A.2 -

Functional family structure for application notes ................

.......170

Figure A.3 -

Functional component structure .............................

.......171

Figure C.1 -

Security audit class decomposition ...........................

182

Figure D.1 -

Communication class decomposition .........................

199

Figure E.1 -

Cryptographic support class decomposition ....................

207

Figure F.1 -

User data protection class decomposition ......................

217

Figure F.2 -

User data protection class decomposition (cont.) ................

.......218

Figure G.1 -

Identification and authentication class decomposition ............

.......256

Figure H.1 -

Security management class decomposition ....................

.......270

Figure I.1 -

Privacy class decomposition ................................

283

Figure J.1 -

Protection of the TSF class decomposition .....................

.......300

Figure J.2 -

Protection of the TSF class decomposition (Cont.) ..............

.......301

Figure K.1 -

Resource utilisation class decomposition ......................

327

Figure L.1 -

TOE access class decomposition ............................

.......333

Figure M.1 -

Trusted path/channels class decomposition ....................

.......341


Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.

In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.

International Standard ISO/IEC 15408-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, in collaboration with Common Criteria Project Sponsoring Organisations. The identical text of ISO/IEC 15408-2 is published by the Common Criteria Project Sponsoring Organisations as Common Criteria for Information Technology Security Evaluation. Additional information on the Common Criteria Project and contact information on its Sponsoring Organisations is provided in Annex A of ISO/IEC 15408-1.

ISO/IEC 15408 consists of the following parts, under the general title Information technology - Security techniques - Evaluation criteria for IT security:

-Part 1: Introduction and general model

-Part 2: Security functional requirements

-Part 3: Security assurance requirements

Annexes A to M of this part of ISO/IEC 15408 are for information only.

This LEGAL NOTICE has been placed in all Parts of ISO/IEC 15408 by request:

The seven governmental organisations (collectively called "the Common Criteria Project Sponsoring Organisations") identified in ISO/IEC 15408-1 Annex A, as the joint holders of the copyright in the Common Criteria for Information Technology Security Evaluation, Parts 1 through 3 (called the "CC"), hereby grant non-exclusive license to ISO/IEC to use the CC in the development of the ISO/IEC 15408 international standard. However, the Common Criteria Project Sponsoring Organisations retain the right to use, copy, distribute, or modify the CC as they see fit.



0 1 2 3 4 5 ... 117