This part of ISO/IEC 15408 defines the required structure and content of security functional components for the purpose of security evaluation. It includes a catalogue of functional components that will meet the common security functionality requirements of many IT products and systems.
Contents:
- Foreword
- Introduction
- Scope
- Normative references
- Terms, definitions and abbreviated terms
- Overview
- Functional requirements paradigm
- Security functional components
- Class FAU: Security audit
- Class FCO: Communication
- Class FCS: Cryptographic support
- Class FDP: User data protection
- Class FIA: Identification and authentication
- Class FMT: Security management
- Class FPR: Privacy
- Class FPT: Protection of the TSF
- Class FRU: Resource utilisation
- Class FTA: TOE access
- Class FTP: Trusted path/channels
- Annex A (normative) - Security functional requirements application notes
- Annex B (normative) - Functional classes, families, and components
- Annex C (normative) - Class FAU: Security audit
- Annex D (normative) - Class FCO: Communication
- Annex E (normative) - Class FCS: Cryptographic support
- Annex F (normative) - Class FDP: User data protection
- Annex G (normative) - Class FIA: Identification and authentication
- Annex H (normative) - Class FMT: Security management
- Annex I (normative) - Class FPR: Privacy
- Annex J (normative) - Class FPT: Protection of the TSF
- Annex K (normative) - Class FRU: Resource utilisation
- Annex L (normative) - Class FTA: TOE access
- Annex M (normative) - Class FTP: Trusted path/channels