Information technology - Security techniques - Evaluation

Read Online or Download Information technology - Security techniques - Evaluation criteria for IT security iso15408-1 PDF

Similar security books

Simple Steps to Data Encryption: A Practical Guide to Secure Computing

Everybody wishes privateness and defense on-line, anything that almost all computing device clients have roughly given up on so far as their own facts is worried. there isn't any scarcity of excellent encryption software program, and no scarcity of books, articles and essays that purport to be approximately how one can use it. but there's worthy little for usual clients who wish simply enough information regarding encryption to take advantage of it properly and securely and appropriately--WITHOUT having to develop into specialists in cryptography.

Comprehensive Security in Asia: Views from Asia and the West on a Changing Security Environment

This can be an exam of "Comprehensive safeguard" as a coverage that is going past the necessities of army defence opposed to a selected "enemy" to emphasize the necessity to take note of different facets very important to nationwide balance: meals, strength, setting, communique and social safety.

Protecting Human Security in Africa

Keeping Human safety in Africa discusses one of the most effective threats to human protection in Africa. It bargains specifically with these threats to the protection of African humans that are least understood or explored. In subject matters various from corruption, the proliferation of small hands and lightweight guns, nutrients protection, the devastation of inner displacement in Africa, the hyperlink among normal assets and human defense, to the issues of compelled labour, threatsto women's safeguard, and environmental defense, the ebook examines the felony and coverage demanding situations of shielding human defense in Africa.

Additional info for Information technology - Security techniques - Evaluation criteria for IT security iso15408-1

Example text

The revision work has been carried out by the successor to the CCEB, now called the CC Implementation Board (CCIB). 0 “Beta” in October 1997 and presented it to WG 3, which approved it as a Second Committee Draft. Subsequent intermediate draft versions were provided informally to WG 3 experts for feedback as they were produced by the CCIB. The CCIB received and responded to a series of comments that came both directly from WG 3 experts and from ISO National Bodies via the CD balloting. 0. For historical and continuity purposes, ISO/IEC JTC 1/SC 27/WG 3 has accepted the continued use of the term “Common Criteria” (CC) within the document, while recognising that its official name in the ISO context is “Evaluation Criteria for Information Technology Security”.

Explanation and interpretation may be necessary to present any individual policy statement in a manner that permits it to be used to set clear security objectives. If security objectives are derived from only threats and assumptions, then the description of organisational security policies may be omitted. Where the TOE is physically distributed, it may be necessary to discuss the security environmental aspects (assumptions, threats, organisational security policies) separately for distinct domains of the TOE environment.

2) Any explicit statement of TOE security functional or assurance requirements shall be clearly and unambiguously expressed such that evaluation and demonstration of compliance is feasible. The level of detail and manner of expression of existing CC functional or assurance requirements shall be used as a model. 3) When requirements components that specify required operations (assignment or selection) are selected, the PP shall use those operations to amplify the requirements to the level of detail necessary to demonstrate that the security objectives are met.

Download PDF sample

Rated 4.75 of 5 – based on 35 votes