
3 Protection Profile and Security Target evaluation criteria

3.1 Overview

This clause introduces the evaluation criteria for PPs and STs. The evaluation criteria are then fully presented in clause 4, Class APE: Protection Profile evaluation, and clause 5, Class ASE: Security Target evaluation.

These criteria are the first requirements presented in this part of ISO/IEC 15408 because the PP and ST evaluation will normally be performed before the TOE evaluation. They play a special role in that information about the TOE is assessed and the functional and assurance requirements are evaluated in order to find out whether the PP or ST is a meaningful basis for a TOE evaluation.

Although these evaluation criteria differ somewhat from the requirements in clauses 7 through 14, they are presented in a similar manner because the developer and evaluator activities are comparable for PP, ST and TOE evaluations.

The PP and ST classes differ from the TOE classes in that all the requirements in the PP or ST class need to be considered for a PP or ST evaluation, whereas the requirements presented in the TOE classes cover a wide range of topics not all of which need be considered for a given TOE.

The evaluation criteria for PPs and STs are based on the information provided in Annexes B and C of ISO/IEC 15408-1. Useful background information for the requirements in the classes APE and ASE, as presented in the following clauses, can be found there.

3.2 Protection Profile criteria overview

3.2.1 Protection Profile evaluation

The goal of a PP evaluation is to demonstrate that the PP is complete, consistent, technically sound, and hence suitable for use as a statement of requirements for one or more evaluatable TOEs. Such a PP may be eligible for inclusion within a PP registry.

3.2.2 Relation to the Security Target evaluation criteria

As described in Annexes B and C of ISO/IEC 15408-1, there are many similarities in structure and content between the generic PP and the TOE-specific ST. Consequently, the criteria for evaluating PPs contain requirements that are similar to many of those for STs, and the criteria for both are presented in a similar manner.


3.2.3 Evaluator tasks

3.2.3.1 Evaluator tasks for an evaluation based on ISO/IEC 15408 requirements only

Evaluators performing a PP evaluation that does not include requirements from outside the standard shall apply the requirements of the APE class as described in Table 3.1.

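Table 3.1 - Protection Profile families - only ISO/IEC 15408 requirements

| Class | Family | Abbreviated Name |
|---|---|---|
| Class APE: Protection Profile evaluation | Protection Profile, TOE description | APE_DES |
| Class APE: Protection Profile evaluation | Protection Profile, Security environment | APE_ENV |
| Class APE: Protection Profile evaluation | Protection Profile, PP introduction | APE_INT |
| Class APE: Protection Profile evaluation | Protection Profile, Security objectives | APE_OBJ |
| Class APE: Protection Profile evaluation | Protection Profile, IT security requirements | APE_REQ |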

3.2.3.2 Evaluator tasks for an ISO/IEC 15408 extended evaluation

Evaluators performing a PP evaluation that includes requirements from outside the standard shall apply the requirements of the APE class as described in Table 3.2.

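Table 3.2 - Protection Profile families - ISO/IEC 15408 extended requirements

| Class | Family | Abbreviated Name |
|---|---|---|
| Class APE: Protection Profile evaluation | Protection Profile, TOE description | APE_DES |
| Class APE: Protection Profile evaluation | Protection Profile, Security environment | APE_ENV |
| Class APE: Protection Profile evaluation | Protection Profile, PP introduction | APE_INT |
| Class APE: Protection Profile evaluation | Protection Profile, Security objectives | APE_OBJ |
| Class APE: Protection Profile evaluation | Protection Profile, IT security requirements | APE_REQ |
| Class APE: Protection Profile evaluation | Protection Profile, Explicitly stated IT security requirements | APE_SRE |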

3.3 Security Target criteria overview

3.3.1 Security Target evaluation

The goal of an ST evaluation is to demonstrate that the ST is complete, consistent, technically sound, and hence suitable for use as the basis for the corresponding TOE evaluation.

3.3.2 Relation to the other evaluation criteria in this part of ISO/IEC 15408

There are two identified stages for the evaluation of a TOE: the ST evaluation and the corresponding TOE evaluation. The requirements for ST evaluations are discussed here and in clause 6, while the requirements for TOE evaluations are contained in clauses 7 through 14.


An ST evaluation includes a PP claims evaluation. If the ST does not claim PP conformance, the PP claims part of the ST shall contain a statement that the TOE does not claim conformance to any PP.

3.3.3 Evaluator tasks

3.3.3.1 Evaluator tasks for an evaluation based on ISO/IEC 15408 requirements only

Evaluators performing an ST evaluation that does not include requirements from outside the standard shall apply the requirements of the ASE class as described in Table 3.3.

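Table 3.3 - Security Target families - only ISO/IEC 15408 requirements

| Class | Family | Abbreviated Name |
|---|---|---|
| Class ASE: Security Target evaluation | Security Target, TOE description | ASE_DES |
| Class ASE: Security Target evaluation | Security Target, Security environment | ASE_ENV |
| Class ASE: Security Target evaluation | Security Target, ST introduction | ASE_INT |
| Class ASE: Security Target evaluation | Security Target, Security objectives | ASE_OBJ |
| Class ASE: Security Target evaluation | Security Target, PP claims | ASE_PPC |
| Class ASE: Security Target evaluation | Security Target, IT security requirements | ASE_REQ |
| Class ASE: Security Target evaluation | Security Target, TOE summary specification | ASE_TSS |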

3.3.3.2 Evaluator tasks for an ISO/IEC 15408 extended evaluation

Evaluators performing an ST evaluation that includes requirements from outside the standard shall apply the requirements of the ASE class as described in Table 3.4.

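Table 3.4 - Security Target families - ISO/IEC 15408 extended requirements

| Class | Family | Abbreviated Name |
|---|---|---|
| Class ASE: Security Target evaluation | Security Target, TOE description | ASE_DES |
| Class ASE: Security Target evaluation | Security Target, Security environment | ASE_ENV |
| Class ASE: Security Target evaluation | Security Target, ST introduction | ASE_INT |
| Class ASE: Security Target evaluation | Security Target, Security objectives | ASE_OBJ |
| Class ASE: Security Target evaluation | Security Target, PP claims | ASE_PPC |
| Class ASE: Security Target evaluation | Security Target, IT security requirements | ASE_REQ |
| Class ASE: Security Target evaluation | Security Target, Explicitly stated IT security requirements | ASE_SRE |
| Class ASE: Security Target evaluation | Security Target, TOE summary specification | ASE_TSS |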


