Relacionar Columnas Security EvaluationVersión en línea Computer System Security Chapter 11 por Aidora Abdullah 1 ITSEC 2 EAL 1 3 Common Criteria 4 Method of Evaluation 5 Assurance 6 Protection Profile 7 Trusted Execution Environment 8 Cryptographic Modules, Security Levels 9 EAL 7 10 TCSEC 11 Purpose of Evaluation 12 Functionality 13 Target of Evaluation 14 Security Target 15 Evaluation Assurance Level (EAL) A reusable set of security requirements. Implementation-dependent statement of security needs for a specific identified TOE. The security services have been implemented properly so that the user can rely on them. European security evaluation criteria separating functionality and assurance. Software has to meet generic security requirements; OR system meets specific security requirements of a given application. Defines what has to be done in an evaluation. Evaluation should not miss problems / different evaluations of the same product should give the same results. Functionally tested. Product/System has the security properties claimed, is suitable for a given application, and is accredited. formally verified, designed and tested. Security evaluation criteria for US Defense sector. An example of Data Protection, Protection Profile. System provides adequate for meeting a user's concrete security requirements. An example of a Trusted Computing Protection Profile. An international set of specifications and guidelines designed to evaluate information security products and systems.
Crear