QU4LITY mapped on
ISO/IEC 15408 series - Information technology -Security techniques -Evaluation criteria for IT security

General desciption of ISO/IEC 15408 series - Information technology -Security techniques -Evaluation criteria for IT security:

These requirements establish a standard way of expressing the assurance requirements for Targets of Evaluation (TOEs). This part of ISO/IEC 15408 catalogues the set of assurance components, families and classes. This part of ISO/IEC 15408 also defines evaluation criteria for PPs (Protection Profile) and STs (Security Target) and presents evaluation assurance levels that define the predefined ISO/IEC 15408 scale for rating assurance for TOEs, which is called the Evaluation Assurance Levels (EALs). The audience for this part of ISO/IEC 15408 includes consumers, developers, and evaluators of secure IT products. Developers, who respond to actual or perceived consumer security requirements in constructing a TOE, reference this part of ISO/IEC 15408 when interpreting statements of assurance requirements and determining assurance approaches of TOEs.

https://www.iso.org/standard/50341.html
https://standards.iso.org/ittf/PubliclyAvailableStandards/c050341_ISO_IEC_15408-1_2009.zip (public download)

Publisher: ISO/IEC

License: ISO/IEC

More information: https://www.iso.org/standard/50341.html

Relevant:

Comment:

Associated to QU4LITY Reference Architecture: Distributed Trustworthiness Layer

Details: General concepts and principles of IT security evaluation; general model of evaluation

No additional information available