Relier Pairs Security EvaluationVersion en ligne Computer System Security Chapter 11 par Aidora Abdullah 1 Assurance 2 Functionality 3 Evaluation Assurance Level (EAL) 4 Trusted Execution Environment 5 Target of Evaluation 6 EAL 1 7 Protection Profile 8 TCSEC 9 Security Target 10 Common Criteria 11 Purpose of Evaluation 12 EAL 7 13 Method of Evaluation 14 ITSEC 15 Cryptographic Modules, Security Levels Implementation-dependent statement of security needs for a specific identified TOE. Evaluation should not miss problems / different evaluations of the same product should give the same results. Product/System has the security properties claimed, is suitable for a given application, and is accredited. System provides adequate for meeting a user's concrete security requirements. An international set of specifications and guidelines designed to evaluate information security products and systems. Software has to meet generic security requirements; OR system meets specific security requirements of a given application. European security evaluation criteria separating functionality and assurance. An example of Data Protection, Protection Profile. formally verified, designed and tested. An example of a Trusted Computing Protection Profile. The security services have been implemented properly so that the user can rely on them. A reusable set of security requirements. Defines what has to be done in an evaluation. Security evaluation criteria for US Defense sector. Functionally tested.