Relier Pairs Security EvaluationVersion en ligne Computer System Security Chapter 11 par Aidora Abdullah 1 EAL 1 2 Evaluation Assurance Level (EAL) 3 Target of Evaluation 4 Functionality 5 ITSEC 6 Protection Profile 7 Security Target 8 Method of Evaluation 9 Assurance 10 EAL 7 11 Cryptographic Modules, Security Levels 12 Purpose of Evaluation 13 Trusted Execution Environment 14 TCSEC 15 Common Criteria System provides adequate for meeting a user's concrete security requirements. Defines what has to be done in an evaluation. An example of Data Protection, Protection Profile. Product/System has the security properties claimed, is suitable for a given application, and is accredited. A reusable set of security requirements. European security evaluation criteria separating functionality and assurance. formally verified, designed and tested. Security evaluation criteria for US Defense sector. Evaluation should not miss problems / different evaluations of the same product should give the same results. The security services have been implemented properly so that the user can rely on them. An example of a Trusted Computing Protection Profile. Functionally tested. An international set of specifications and guidelines designed to evaluate information security products and systems. Implementation-dependent statement of security needs for a specific identified TOE. Software has to meet generic security requirements; OR system meets specific security requirements of a given application.