8(495)909-90-01
8(964)644-46-00
pro@sio.su
Главная
Системы видеонаблюдения
Охранная сигнализация
Пожарная сигнализация
Система пожаротушения
Система контроля удаленного доступа
Оповещение и эвакуация
Контроль периметра
Система домофонии
Парковочные системы
Проектирование слаботочных сетей
Аварийный
контроль
Раздел: Документация

0 1 2 3 ... 73

INTERNATIONAL STANDARD

ISO/IEC 15408-3

First edition 1999-12-01

Information technology - Security techniques - Evaluation criteria for IT security -

Part 3:

Security assurance requirements

Technologies de /information - Techniques de securite - Criteres devaluation pour la securite TI -

Partie 3: Exigences dassurance de securite

Reference number ISO/IEC 15408-3:1999(E)


© ISO/IEC 1999

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the publisher.

ISO/IEC Copyright Office • Case postale 56 • CH-1211 Geneve 20 • Switzerland

Printed in Switzerland


Contents

1Scope ........................................................1

1.1Organisation of ISO/IEC 15408-3 ...............................1

1.2ISO/IEC 15408 assurance paradigm ..............................1

1.2.1ISO/IEC 15408 philosophy.................................2

1.2.2Assurance approach.......................................2

1.2.3The ISO/IEC 15408 evaluation assurance scale.................4

2Security assurance requirements .................................5

2.1Structures ..................................................5

2.1.1Class structure ...........................................5

2.1.2Assurance family structure.................................6

2.1.3Assurance component structure.............................7

2.1.4Assurance elements.......................................10

2.1.5EAL structure...........................................10

2.1.6Relationship between assurances and assurance levels............13

2.2Component taxonomy .........................................13

2.3Protection Profile and Security Target evaluation criteria class structure .13

2.4Usage of terms in ISO/IEC 15408-3 ..............................14

2.5Assurance categorisation ......................................15

2.6Assurance class and family overview .............................15

2.6.1Class ACM: Configuration management......................16

2.6.2Class ADO: Delivery and operation..........................17

2.6.3Class ADV: Development..................................17

2.6.4Class AGD: Guidance documents............................18

2.6.5Class ALC: Life cycle support..............................19

2.6.6Class ATE: Tests.........................................20

2.6.7Class AVA: Vulnerability assessment........................20

2.7Maintenance categorisation ....................................21

2.8Maintenance of assurance class and family overview ................21

2.8.1 Class AMA: Maintenance of assurance.......................21

3Protection Profile and Security Target evaluation criteria ............23

3.1Overview...................................................23

3.2Protection Profile criteria overview ..............................23

3.2.1Protection Profile evaluation................................23

3.2.2Relation to the Security Target evaluation criteria...............23

3.2.3Evaluator tasks ..........................................24

3.3Security Target criteria overview ................................24

3.3.1Security Target evaluation.................................24

3.3.2Relation to the other evaluation criteria in this part of ISO/IEC 15408 24

3.3.3Evaluator tasks ..........................................25

4Class APE: Protection Profile evaluation ...........................27

4.1TOE description (APE DEES) ...................................28

4.2Security environment (APE ENV) ..............................29

4.3PP introduction (APE INT) ....................................30



0 1 2 3 ... 73
Рейтинг@Mail.ru