IS_Common_Criteria

IS_Common_Criteria - Information Security Evaluation...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
Information Security Evaluation Criteria Prof. Joon S. Park, Ph.D School of Information Studies Syracuse University
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security Evaluation Product Evaluation ITSEC, TCSEC, CC, etc. Engineering Process Evaluation SPICE, CMM, etc. Save cost for product evaluation
Background image of page 2
TCSEC Known as Orange Book, DoD 5200.28- STD Four trust rating divisions (classes) D: Minimal protection C (C1,C2): Discretionary protection B (B1, B2, B3): Mandatory protection A (A1): Highly-secure
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Common Criteria CC is the outcome of a series of effort to develop criteria for evaluation of IT security The International Organization for Standardization (ISO) has developed a set of international standard security evaluation criteria It opens the way to worldwide mutual recognition of evaluation results The CC defines seven Evaluation Assurance Levels (EALs) for ranking the criteria.
Background image of page 4
Security Functionality Classes in CC Audit (FAU) Cryptography Support (FCS) Communications
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 10

IS_Common_Criteria - Information Security Evaluation...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online