Protection Profile
Functionality
Trusted Execution Environment
Target of Evaluation
ITSEC
Method of Evaluation
EAL 7
EAL 1
Purpose of Evaluation
Evaluation Assurance Level (EAL)
Common Criteria
Security Target
Cryptographic Modules, Security Levels
TCSEC
Assurance
A reusable set of security requirements.
An example of a Trusted Computing Protection Profile.
Security evaluation criteria for US Defense sector.
System provides adequate for meeting a user's concrete security requirements.
Evaluation should not miss problems / different evaluations of the same product should give the same results.
An international set of specifications and guidelines designed to evaluate information security products and systems.
Defines what has to be done in an evaluation.
Functionally tested.
The security services have been implemented properly so that the user can rely on them.
An example of Data Protection, Protection Profile.
Product/System has the security properties claimed, is suitable for a given application, and is accredited.
Implementation-dependent statement of security needs for a specific identified TOE.
Formally verified, designed and tested.
Software has to meet generic security requirements; OR system meets specific security requirements of a given application.
European security evaluation criteria separating functionality and assurance.