New Activity
Play Matching Pairs

Common Criteria

Security Target

Cryptographic Modules, Security Levels

EAL 1

TCSEC

Trusted Execution Environment

Method of Evaluation

Functionality

Purpose of Evaluation

EAL 7

Protection Profile

Assurance

ITSEC

Target of Evaluation

Evaluation Assurance Level (EAL)

Defines what has to be done in an evaluation.

Software has to meet generic security requirements; OR system meets specific security requirements of a given application.

Implementation-dependent statement of security needs for a specific identified TOE.

An international set of specifications and guidelines designed to evaluate information security products and systems.

An example of Data Protection, Protection Profile.

The security services have been implemented properly so that the user can rely on them.

System provides adequate for meeting a user's concrete security requirements.

Security evaluation criteria for US Defense sector.

Evaluation should not miss problems / different evaluations of the same product should give the same results.

Functionally tested.

An example of a Trusted Computing Protection Profile.

European security evaluation criteria separating functionality and assurance.

formally verified, designed and tested.

A reusable set of security requirements.

Product/System has the security properties claimed, is suitable for a given application, and is accredited.