BS ISO/IEC 15408-3:2005 - Information technology. Security techniques. Evaluation criteria for IT security. Security assurance requirements – BSI British Standards

BS ISO/IEC 15408-3:2005

Information technology. Security techniques. Evaluation criteria for IT security. Security assurance requirements

Status : Revised, Superseded, Withdrawn   Published : November 2005 Replaced By : BS EN ISO/IEC 15408-3:2020,

WITHDRAWN TITLE
*To ask about withdrawn titles contact the
Customer Relations
cservices@bsigroup.com, +44 345 086 9001


This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance, the individual assurance components from which the assurance levels are composed, and the criteria for evaluation of Protection Profiles (PPs) or Security Target (STs).

Contents:

  • Foreword
  • Introduction
  • Scope
  • Normative references
  • Terms, definitions, symbols and abbreviated terms
  • Overview
  • ISO/IEC 15408 assurance paradigm
  • Security assurance requirements
  • Protection profile and security target evaluation criteria
  • Class APE: Protection profile evaluation
  • Class ASE: Security target evaluation
  • Evaluation assurance levels
  • Assurance classes, families, and components
  • Class ACM: Configuration management
  • Class ADO: Delivery and operation
  • Class ADV: Development
  • Class AGD: Guidance documents
  • Class ALC: Life cycle support
  • Class ATE: Tests
  • Class AVA: Vulnerability assessment
  • Annex A (informative) - Cross reference of assurance component dependencies
  • Annex B (informative) - Cross reference of EALs and assurance components



Standard NumberBS ISO/IEC 15408-3:2005
TitleInformation technology. Security techniques. Evaluation criteria for IT security. Security assurance requirements
StatusRevised, Superseded, Withdrawn
Publication Date14 November 2005
Withdrawn Date31 March 2009
Normative References(Required to achieve compliance to this standard)ISO/IEC 15408-1
Informative References(Provided for Information)No other standards are informatively referenced
ReplacesBS ISO/IEC 15408-3:1999
International RelationshipsISO/IEC 15408-3:2005
Draft Superseded By04/30108742 DC
DescriptorsData storage protection, Data security, Data processing, Installation, Information exchange, Performance testing, Quality assurance, Maintenance, Specification (approval)
ICS35.030
Title in FrenchTechnologies de l'information. Techniques de securite. Criteres d'evaluation pour la securite TI. Exigences d'assurance de securite
Title in GermanInformationstechnik. IT-Sicherheitsverfahren. Evaluationskriterien fuer IT-Sicherheit. Anforderungen an die Vertrauenswürdigkeit
CommitteeIST/33/3
ISBN0 580 46823 2
PublisherBSI
FormatA4
DeliveryNo
Pages164
File Size1.106 MB
Price£342.00


WITHDRAWN TITLE
*To ask about withdrawn titles contact the
Customer Relations
cservices@bsigroup.com, +44 345 086 9001
 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents


Worldwide Standards
We can source any standard from anywhere in the world


BSOL

The faster, easier way to work with standards


Develop a PAS

Develop a fast-track standardization document in 9-12 months