BS ISO/IEC 15408 allows you to compare the results of independent security evaluations. It does so by providing a common set of requirements for the security functions of IT products and systems, and for the assurance measures applied to them during a security evaluation.
The evaluation process establishes a level of confidence that the security functions of such products and systems and the assurance measures applied to them meet these requirements. The evaluation results may help consumers to determine whether the IT product or system is secure enough for their intended application and whether the security risks implicit in its use are tolerable.
Contents:
- Foreword
- Introduction
- Scope
- Terms and definitions
- Symbols and abbreviated terms
- Overview
- General model
- ISO/IEC 15408 requirements and evaluation results
- Annex A (normative) - Specification of protection profiles
- Annex B (normative) - Specification of security targets
- Bibliography