ISO/IEC 15408-5:2022
Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 5: Pre-defined packages of security requirements
Ausgabedatum:
2022-08
Edition:
1.0
Sprache: EN - englisch
Seitenzahl: 27 VDE-Artnr.: 251084
ISO/IEC 15408-5:2022 This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders.
EXAMPLE - Examples of provided packages include the evaluation assurance levels (EAL) and the composed assurance packages (CAPs).
This document presents:
- evaluation assurance level (EAL) family of packages that specify pre-defined sets of security assurance components that may be referenced in PPs and STs and which specify appropriate security assurances to be provided during an evaluation of a target of evaluation (TOE);
- composition assurance (CAP) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during an evaluation of composed TOEs;
- composite product (COMP) package that specifies a set of security assurance components used for specifying appropriate security assurances to be provided during an evaluation of a composite product TOEs;
- protection profile assurance (PPA) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during a protection profile evaluation;
- security target assurance (STA) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during a security target evaluation.
The users of this document can include consumers, developers, and evaluators of secure IT products.