Matching Pairs Security EvaluationOnline version Computer System Security Chapter 11 by Aidora Abdullah 1 Cryptographic Modules, Security Levels 2 Method of Evaluation 3 Trusted Execution Environment 4 Target of Evaluation 5 Evaluation Assurance Level (EAL) 6 Functionality 7 EAL 7 8 Common Criteria 9 Assurance 10 EAL 1 11 Protection Profile 12 Purpose of Evaluation 13 TCSEC 14 ITSEC 15 Security Target Product/System has the security properties claimed, is suitable for a given application, and is accredited. A reusable set of security requirements. Security evaluation criteria for US Defense sector. An example of a Trusted Computing Protection Profile. Evaluation should not miss problems / different evaluations of the same product should give the same results. Defines what has to be done in an evaluation. System provides adequate for meeting a user's concrete security requirements. Functionally tested. formally verified, designed and tested. Implementation-dependent statement of security needs for a specific identified TOE. European security evaluation criteria separating functionality and assurance. Software has to meet generic security requirements; OR system meets specific security requirements of a given application. An international set of specifications and guidelines designed to evaluate information security products and systems. The security services have been implemented properly so that the user can rely on them. An example of Data Protection, Protection Profile.