Matching Pairs: Security Evaluation

Computer System Security Chapter 11 by Aidora Abdullah

1 EAL 1
2 Target of Evaluation
3 ITSEC
4 Assurance
5 Common Criteria
6 Trusted Execution Environment
7 TCSEC
8 Purpose of Evaluation
9 Cryptographic Modules, Security Levels
10 Method of Evaluation
11 Functionality
12 Evaluation Assurance Level (EAL)
13 Security Target
14 Protection Profile
15 EAL 7

A reusable set of security requirements.
An example of a Trusted Computing Protection Profile.
Defines what has to be done in an evaluation.
Software has to meet generic security requirements; OR system meets specific security requirements of a given application.
Evaluation should not miss problems / different evaluations of the same product should give the same results.
An international set of specifications and guidelines designed to evaluate information security products and systems.
Product/System has the security properties claimed, is suitable for a given application, and is accredited.
Formally verified, designed and tested.
Functionally tested.
The security services have been implemented properly so that the user can rely on them.
System provides adequate for meeting a user's concrete security requirements.
An example of Data Protection, Protection Profile.
Implementation-dependent statement of security needs for a specific identified TOE.
Security evaluation criteria for US Defense sector.
European security evaluation criteria separating functionality and assurance.