Relier Pairs Security EvaluationVersion en ligne Computer System Security Chapter 11 par Aidora Abdullah 1 Target of Evaluation 2 Cryptographic Modules, Security Levels 3 Common Criteria 4 Evaluation Assurance Level (EAL) 5 Protection Profile 6 TCSEC 7 EAL 7 8 Method of Evaluation 9 Security Target 10 EAL 1 11 ITSEC 12 Trusted Execution Environment 13 Purpose of Evaluation 14 Functionality 15 Assurance Software has to meet generic security requirements; OR system meets specific security requirements of a given application. Evaluation should not miss problems / different evaluations of the same product should give the same results. Product/System has the security properties claimed, is suitable for a given application, and is accredited. A reusable set of security requirements. An example of Data Protection, Protection Profile. The security services have been implemented properly so that the user can rely on them. Implementation-dependent statement of security needs for a specific identified TOE. European security evaluation criteria separating functionality and assurance. System provides adequate for meeting a user's concrete security requirements. An example of a Trusted Computing Protection Profile. Defines what has to be done in an evaluation. Security evaluation criteria for US Defense sector. Functionally tested. An international set of specifications and guidelines designed to evaluate information security products and systems. formally verified, designed and tested.