Relier Pairs Security EvaluationVersion en ligne Computer System Security Chapter 11 par Aidora Abdullah 1 ITSEC 2 Method of Evaluation 3 TCSEC 4 Security Target 5 Assurance 6 Evaluation Assurance Level (EAL) 7 Target of Evaluation 8 Protection Profile 9 Purpose of Evaluation 10 EAL 7 11 Common Criteria 12 Cryptographic Modules, Security Levels 13 Trusted Execution Environment 14 Functionality 15 EAL 1 The security services have been implemented properly so that the user can rely on them. Defines what has to be done in an evaluation. A reusable set of security requirements. Functionally tested. An example of Data Protection, Protection Profile. formally verified, designed and tested. Evaluation should not miss problems / different evaluations of the same product should give the same results. Implementation-dependent statement of security needs for a specific identified TOE. Product/System has the security properties claimed, is suitable for a given application, and is accredited. Security evaluation criteria for US Defense sector. System provides adequate for meeting a user's concrete security requirements. Software has to meet generic security requirements; OR system meets specific security requirements of a given application. An example of a Trusted Computing Protection Profile. European security evaluation criteria separating functionality and assurance. An international set of specifications and guidelines designed to evaluate information security products and systems.
Créer jeu