• There are no items in your cart

DIN ISO/IEC 15408-1:2007-11

Withdrawn
Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

View Superseded by
withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL
Withdrawn date

03-01-2011

Published date

01-12-2013

Nationales Vorwort
Nationaler Anhang NA (informativ) Begriffe
Nationaler Anhang NB (informativ) Symbole und Abkürzungen
Nationaler Anhang NC (informativ) Literaturhinweise
Introduction
1 Scope
2 Terms and definitions
3 Symbols and abbreviated terms
4 Overview
  4.1 Introduction
      4.1.1 Target audience of ISO/IEC 15408
  4.2 Evaluation context
  4.3 Organisation of ISO/IEC 15408
5 General model
  5.1 Security context
      5.1.1 General security context
      5.1.2 Information technology security context
  5.2 ISO/IEC 15408 approach
      5.2.1 Development
      5.2.2 TOE evaluation
      5.2.3 Operation
  5.3 Security concepts
      5.3.1 Security environment
      5.3.2 Security objectives
      5.3.3 IT security requirements
      5.3.4 TOE summary specification
      5.3.5 TOE implementation
  5.4 ISO/IEC 15408 descriptive material
      5.4.1 Expression of security requirements
      5.4.2 Types of evaluation
6 ISO/IEC 15408 requirements and evaluation results
  6.1 Introduction
  6.2 Requirements in PPs and STs
      6.2.1 PP evaluation results
  6.3 Requirements in TOE
      6.3.1 TOE evaluation results
  6.4 Conformance results
  6.5 Use of TOE evaluation results
Annex A (normative) Specification of Protection Profiles
                      A.1 Overview
                      A.2 Content of Protection Profile
                          A.2.1 Content and presentation
                          A.2.2 PP introduction
                          A.2.3 TOE description
                          A.2.4 TOE security environment
                          A.2.5 Security objectives
                          A.2.6 IT security requirements
                          A.2.7 Application notes
                          A.2.8 Rationale
Annex B (normative) Specification of Security Targets
                      B.1 Overview
                      B.2 Content of Security Target
                          B.2.1 Content and presentation
                          B.2.2 ST introduction
                          B.2.3 TOE description
                          B.2.4 TOE security environment
                          B.2.5 Security objectives
                          B.2.6 IT security requirements
                          B.2.7 TOE summary specification
                          B.2.8 PP claims
                          B.2.9 Application Notes
                          B.2.10 Rationale
Annex C (informative) Bibliography

Diese mehrteilige Internationale Norm ISO/IEC 15408 definiert Kriterien, die aus historischen Gründen und um die Kontinuität zu wahren hier als Gemeinsame Kriterien (Common Criteria, CC) referenziert werden. Sie sollen als Grundlage für die Prüfung und bewertung der Sicherheitseigenschaften von Produkten und Systemen der Informationstechnik (IT) dienen. ISO/IEC 15408 Teil 1 beschreibt ein allgemeines Konzept der Evaluationskriterien. Grundlegende Begriffe wie Verauenswürdigkeitsstufe (Evaluation Assurance Level, EAL), Schutzprofil (Protection Profile, PP), Sicherheitsvorgaben (Security Target, ST), und Evaluationsgegenstand (Target of Evaluation, TOE) werden festgelegt.

DocumentType
Standard
PublisherName
German Institute for Standardisation (Deutsches Institut für Normung)
Status
Withdrawn
SupersededBy

Standards Relationship
ISO/IEC 15408-1:2009 Identical

View more information
Sorry this product is not available in your region.

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.