expand for answer
ISO/IEC 15408-3:2005
ISO/IEC 154083:2005, Evaluation Criteria for IT Security – Part 3: Security Assurance Requirements, 2005.
Similar items:
ISO/IEC 154082:2005, Evaluation Criteria for IT Security – Part 2: Security Functional Requirements, 2005.
[view]
[view]
ISO/IEC 154081:2005, Evaluation Criteria for IT Security – Part 1: Introduction and General Model, 2005.
[view]
[view]
<p>International Standard ISO/IEC 5408, Common Criteria for Information Technology Security Evaluation<br></p><p>Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use<br></p>
[view]
[view]
ISO/IEC 27001, Information Security Management Systems – Requirements, 2005.
[view]
[view]
<p>The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation. The increasing assurance levels reflect added assurance requirements that must be met to achieve Common Criteria certification.</p><p>EAL 1: Functionally tested<br>EAL 2: Structurally tested<br>EAL 3: Methodically tested and checked<br>EAL 4: Methodically designed, tested and reviewed<br>EAL 5: Semi-formally designed and tested<br>EAL 6: Semi-formally verified design and tested<br>EAL 7: Formally verified design and tested</p>
[view]
[view]
There are no comments yet.