Matching Pairs: Security Evaluation
Computer System Security Chapter 11 by Aidora Abdullah

Terms:
1 Evaluation Assurance Level (EAL)
2 Common Criteria
3 Security Target
4 Method of Evaluation
5 Target of Evaluation
6 Purpose of Evaluation
7 EAL 1
8 Protection Profile
9 Functionality
10 ITSEC
11 Assurance
12 TCSEC
13 Trusted Execution Environment
14 EAL 7
15 Cryptographic Modules, Security Levels

Definitions:
Formally verified, designed and tested.
Product/System has the security properties claimed, is suitable for a given application, and is accredited.
Implementation-dependent statement of security needs for a specific identified TOE.
Functionally tested.
A reusable set of security requirements.
An example of Data Protection, Protection Profile.
Security evaluation criteria for US Defense sector.
European security evaluation criteria separating functionality and assurance.
Evaluation should not miss problems / different evaluations of the same product should give the same results.
Software has to meet generic security requirements; OR system meets specific security requirements of a given application.
An international set of specifications and guidelines designed to evaluate information security products and systems.
Defines what has to be done in an evaluation.
An example of a Trusted Computing Protection Profile.
System provides adequate for meeting a user's concrete security requirements.
The security services have been implemented properly so that the user can rely on them.