Matching Pairs Security EvaluationOnline version Computer System Security Chapter 11 by Aidora Abdullah 1 ITSEC 2 Cryptographic Modules, Security Levels 3 TCSEC 4 Common Criteria 5 Security Target 6 Protection Profile 7 EAL 7 8 Functionality 9 Method of Evaluation 10 Purpose of Evaluation 11 Assurance 12 Trusted Execution Environment 13 EAL 1 14 Target of Evaluation 15 Evaluation Assurance Level (EAL) System provides adequate for meeting a user's concrete security requirements. The security services have been implemented properly so that the user can rely on them. Functionally tested. Security evaluation criteria for US Defense sector. An example of Data Protection, Protection Profile. Evaluation should not miss problems / different evaluations of the same product should give the same results. An example of a Trusted Computing Protection Profile. A reusable set of security requirements. formally verified, designed and tested. An international set of specifications and guidelines designed to evaluate information security products and systems. Implementation-dependent statement of security needs for a specific identified TOE. Defines what has to be done in an evaluation. European security evaluation criteria separating functionality and assurance. Product/System has the security properties claimed, is suitable for a given application, and is accredited. Software has to meet generic security requirements; OR system meets specific security requirements of a given application.