Matching Pairs: Security Evaluation

Computer System Security, Chapter 11
by Aidora Abdullah

1. Common Criteria
2. Method of Evaluation
3. Evaluation Assurance Level (EAL)
4. Assurance
5. Target of Evaluation
6. Protection Profile
7. Purpose of Evaluation
8. Functionality
9. Cryptographic Modules, Security Levels
10. EAL 1
11. ITSEC
12. Trusted Execution Environment
13. Security Target
14. TCSEC
15. EAL 7

- An international set of specifications and guidelines designed to evaluate information security products and systems.
- Defines what has to be done in an evaluation.
- European security evaluation criteria separating functionality and assurance.
- The security services have been implemented properly so that the user can rely on them.
- A reusable set of security requirements.
- Product/System has the security properties claimed, is suitable for a given application, and is accredited.
- Formally verified, designed and tested.
- Evaluation should not miss problems / different evaluations of the same product should give the same results.
- Software has to meet generic security requirements; OR system meets specific security requirements of a given application.
- Security evaluation criteria for US Defense sector.
- System provides adequate for meeting a user's concrete security requirements.
- An example of Data Protection, Protection Profile.
- Implementation-dependent statement of security needs for a specific identified TOE.
- Functionally tested.
- An example of a Trusted Computing Protection Profile.