Matching Pairs: Security Evaluation
Computer System Security, Chapter 11, by Aidora Abdullah

1 Purpose of Evaluation
2 Cryptographic Modules, Security Levels
3 Assurance
4 TCSEC
5 Security Target
6 EAL 1
7 Evaluation Assurance Level (EAL)
8 Target of Evaluation
9 Method of Evaluation
10 ITSEC
11 EAL 7
12 Common Criteria
13 Functionality
14 Protection Profile
15 Trusted Execution Environment

A reusable set of security requirements.
System provides adequate for meeting a user's concrete security requirements.
Formally verified, designed and tested.
An international set of specifications and guidelines designed to evaluate information security products and systems.
Functionally tested.
Security evaluation criteria for US Defense sector.
Software has to meet generic security requirements; OR system meets specific security requirements of a given application.
Implementation-dependent statement of security needs for a specific identified TOE.
European security evaluation criteria separating functionality and assurance.
Defines what has to be done in an evaluation.
An example of a Trusted Computing Protection Profile.
The security services have been implemented properly so that the user can rely on them.
Evaluation should not miss problems / different evaluations of the same product should give the same results.
Product/System has the security properties claimed, is suitable for a given application, and is accredited.
An example of Data Protection, Protection Profile.