• Hydrogen Technologies Standards form the basic framework for market ramp-up

    More information
  • Climate change Standards and specifications support climate targets

    More information
  • Smart Farming Standards and specifications are drivers for the digitalization of agriculture

    More information
Project

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 5: Pre-defined packages of security requirements

Abstract

This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders. EXAMPLE Examples of provided packages include the evaluation assurance levels (EAL) and the composed assurance packages (CAPs). This document presents: - evaluation assurance level (EAL) family of packages that specify pre-defined sets of security assurance components that may be referenced in PPs and STs and which specify appropriate security assurances to be provided during an evaluation of a target of evaluation (TOE); - composition assurance (CAP) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during an evaluation of composed TOEs; - composite product (COMP) package that specifies a set of security assurance components used for specifying appropriate security assurances to be provided during an evaluation of a composite product TOEs; - protection profile assurance (PPA) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during a protection profile evaluation; - security target assurance (STA) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during a security target evaluation. The users of this document can include consumers, developers, and evaluators of secure IT products.

Begin

2024-06-06

WI

JT013086

Planned document number

DIN EN ISO/IEC 15408-5 rev

Project number

04301146

Responsible national committee

NA 043-04-13 GA - DIN/DKE Joint working committee Cybersecurity  

Responsible european committee

CEN/CLC/JTC 13 - Cybersecurity and Data Protection  

Responsible international committee

ISO/IEC JTC 1/SC 27/WG 3 - Security evaluation, testing and specification  

Contact

Martin Uhlherr

Am DIN-Platz, Burggrafenstr. 6
10787 Berlin

Tel.: +49 30 2601-2591
Fax: +49 30 2601-42591

Send message to contact