This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: 12/19/2010 1 Unit 8: Assurances Unit 8: Assurances Part 2 Click Here to Start Audio CC Evaluation Assurance CC Evaluation Assurance c “Greater assurance results from application of greater evaluation effort” ◦ Scope - larger portion of IT product is evaluated. ◦ Depth - Deployed to a finer level of design and implementation detail ◦ Rigor - applied in a more structured, formal manner. [CC Part 3 Section 1.2.3] CC Part 3 Terms CC Part 3 Terms c Determine - Perform Independent Analysis c Reviews: ◦ Check - Quick Determination by Evaluator ◦ Confirm - Detailed Review with independent determination of sufficiency c Strength of Analysis: ◦ Prove - Formal Mathematical ◦ Justification - Carefully explaining every step of the analysis. ◦ Demonstrate - Less Rigorous than Prove and Justify 12/19/2010 2 Evaluation Assurance Levels Evaluation Assurance Levels c EAL1- Functionally Tested c EAL2 - Structurally Tested c EAL3 - Methodically Tested c EAL4 - Methodically Designed, Tested, and Reviewed c EAL5 – Semi-formally Designed and Tested Evaluation Assurance Levels Evaluation Assurance Levels c EAL6: Semiformally Verified Design and Tested c EAL7; Formally Verified Design and Tested EAL Summary EAL Summary 12/19/2010...
View Full Document
- Spring '11
- security policy, Eal, Evaluation Assurance Level