Relier Pairs Security EvaluationVersion en ligne Computer System Security Chapter 11 par Aidora Abdullah 1 Common Criteria 2 Cryptographic Modules, Security Levels 3 ITSEC 4 Target of Evaluation 5 EAL 7 6 TCSEC 7 Functionality 8 Protection Profile 9 Security Target 10 Assurance 11 Purpose of Evaluation 12 Evaluation Assurance Level (EAL) 13 EAL 1 14 Method of Evaluation 15 Trusted Execution Environment Evaluation should not miss problems / different evaluations of the same product should give the same results. The security services have been implemented properly so that the user can rely on them. A reusable set of security requirements. An example of Data Protection, Protection Profile. System provides adequate for meeting a user's concrete security requirements. formally verified, designed and tested. Functionally tested. Implementation-dependent statement of security needs for a specific identified TOE. An international set of specifications and guidelines designed to evaluate information security products and systems. Defines what has to be done in an evaluation. Security evaluation criteria for US Defense sector. Software has to meet generic security requirements; OR system meets specific security requirements of a given application. European security evaluation criteria separating functionality and assurance. Product/System has the security properties claimed, is suitable for a given application, and is accredited. An example of a Trusted Computing Protection Profile.