Matching Pairs: Security Evaluation
Computer System Security, Chapter 11
by Aidora Abdullah

1 Assurance
2 Functionality
3 Trusted Execution Environment
4 Evaluation Assurance Level (EAL)
5 Target of Evaluation
6 EAL 7
7 TCSEC
8 Purpose of Evaluation
9 Security Target
10 Cryptographic Modules, Security Levels
11 EAL 1
12 Common Criteria
13 Protection Profile
14 ITSEC
15 Method of Evaluation

An example of Data Protection, Protection Profile.
The security services have been implemented properly so that the user can rely on them.
Security evaluation criteria for US Defense sector.
Functionally tested.
Implementation-dependent statement of security needs for a specific identified TOE.
System provides adequate for meeting a user's concrete security requirements.
European security evaluation criteria separating functionality and assurance.
Formally verified, designed and tested.
A reusable set of security requirements.
Evaluation should not miss problems / different evaluations of the same product should give the same results.
Defines what has to be done in an evaluation.
Software has to meet generic security requirements; OR system meets specific security requirements of a given application.
Product/System has the security properties claimed, is suitable for a given application, and is accredited.
An example of a Trusted Computing Protection Profile.
An international set of specifications and guidelines designed to evaluate information security products and systems.