Раздел: Документация
0 ... 3 4 5 6 7 8 9 ... 73 ISO/IEC 15408-3 Assurance levels Evaluation assurance level EAL name Objectives I Application notes I Assurance component [Component identification] Г - ~глС T7- - - "1 L Objectives j l Application notes Г - -FT "j- - - 1 L Dependencies j I Assurance element l~n l г Figure 2.3 - EAL structure ISO/IEC 15408-3 Assurance requirements Assurance class Class name Class introduction Assurance family Family name Objectives Component levelling Application notes Assurance component [Component identification! Objectives Application notes Dependencies Assurance element ISO/IEC 15408-3 Assurance levels Evaluation assurance level EAL name Objectives Application notes Assurance component [Component identification] Г - ~глЕ T7- - - "1 L Obiectives j l Application notes j г - fT ""j- - - "1 L Dependencies j I Assurance element ft Figure 2.4 - Assurance and assurance level association 2.1.5.4 Assurance components A set ofassurance components have been chosen for each EAL. A higher level of assurance than that provided by a given EAL can be achieved by: a)including additional assurance components from other assurance families; or b)replacing an assurance component with a higher level assurance component from the same assurance family. 2.1.6 Relationship between assurances and assurance levels Figure 2.4 illustrates the relationship between the assurance requirements and the assurance levels defined in ISO/IEC 15408. While assurance components further decompose into assurance elements, assurance elements cannot be individually referenced by assurance levels. Note that the arrow in the figure represents a reference from an EAL to an assurance component within the class where it is defined. 2.2 Component taxonomy This part of ISO/IEC 15408 contains classes of families and components that are grouped on the basis of related assurance. At the start of each class is a diagram that indicates the families in the class and the components in each family. Class name
Figure 2.5 - Sample class decomposition diagram In Figure 2.5, above, the class as shown contains a single family. The family contains three components that are linearly hierarchical (i.e. component 2 requires more than component 1, in terms of specific actions, specific evidence, or rigour of the actions or evidence). The assurance families in this part of ISO/IEC 15408 are all linearly hierarchical, although linearity is not a mandatory criterion for assurance families that may be added in the future. 2.3 Protection Profile and Security Target evaluation criteria class structure The requirements for protection profile and security target evaluation are treated as assurance classes and are presented using the similar structure as that used for the other assurance classes, described below. One notable difference is the absence of a component levelling subclause in the associated family descriptions. The reason is that each family has only a single component and therefore no levelling has occurred. Tables 3.1, 3.2, 3.3 and 3.4 in clause 3 of this part of ISO/IEC 15408 summarise, for both the APE and ASE classes, their constituent families and abbreviations for each. Narrative summaries for the APE families can be found in ISO/IEC 15408-1, Annex B, subclauses B.2.2 through B.2.6, 0 ... 3 4 5 6 7 8 9 ... 73
|
