NF EN ISO/IEC 15408-2

March 2020

Standard Current

Information technology - Security techniques - Evaluation criteria for IT security - Part 2 : security functional components

ISO/IEC 15408-2:2008 defines the content and presentation of the security functional requirements to be assessed in a security evaluation using ISO/IEC 15408. It contains a comprehensive catalogue of predefined security functional components that will meet most common security needs of the marketplace. These are organized using a hierarchical structure of classes, families and components, and supported by comprehensive user notes. ISO/IEC 15408-2:2008 also provides guidance on the specification of customized security requirements where no suitable predefined security functional components exist.

View the extract

Main informations

Collections

National standards and national normative documents

Publication date

March 2020

Number of pages

242 p.

Reference

NF EN ISO/IEC 15408-2

ICS Codes

35.030 IT Security

Classification index

Z74-203-2

Print number

International kinship

ISO/IEC 15408-2:2008

European kinship

EN ISO/IEC 15408-2:2020

Sumary

Information technology - Security techniques - Evaluation criteria for IT security - Part 2 : security functional components

ISO/IEC 15408-2:2008 also provides guidance on the specification of customized security requirements where no suitable predefined security functional components exist.

Table of contents

View the extract

Avant-propos
1 Domaine d'application
2 Références normatives
3 Termes, définitions, symboles et abréviations
4 Vue d'ensemble
5 Modèle d'exigences fonctionnelles
6 Composants fonctionnels de sécurité
7 Classe FAU: Audit de sécurité
8 Classe FCO: Communication
9 Classe FCS: Support cryptographique
10 Classe FDP: Protection des données utilisateur
11 Classe FIA: Identification et authentification
12 Classe FMT: Gestion de la sécurité
13 Classe FPR: Protection de la vie privée
14 Classe FPT: Protection de la TSF
15 Classe FRU: Utilisation des ressources
16 Classe FTA: Accès à la TOE
17 Classe FTP: Chemin et canaux de confiance
Annexe A (normative) Notes d'application sur les exigences fonctionnelles de sécurité
Annexe B (normative) Classes, familles et composants fonctionnels
Annexe C (normative) Classe FAU: Audit de sécurité
Annexe D (normative) Classe FCO: Communication
Annexe E (normative) Classe FCS: Support cryptographique
Annexe F (normative) Classe FDP: Protection des données utilisateur
Annexe G (normative) Classe FIA: Identification et authentification
Annexe H (normative) Classe FMT: Gestion de la sécurité
Annexe I (normative) Classe FPR: Protection de la vie privée
Annexe J (normative) Classe FPT: Protection de la TSF
Annexe K (normative) Classe FRU: Utilisation des ressources
Annexe Annexe L (normative) Classe FTA: Accès à la TOE
Annexe M (normative) Classe FTP: Chemin et canaux de confiance

ZOOM ON ... the Requirements department

To comply with a standard, you need to quickly understand its issues in order to determine its impact on your activity.

The Requirements department helps you quickly locate within the normative text:
- mandatory clauses to satisfy,
- non-essential but useful clauses to know, such as permissions and recommendations.

The identification of these types of clauses is based on the document “ISO / IEC Directives, Part 2 - Principles and rules of structure and drafting of ISO documents ”as well as on a constantly enriched list of verbal forms.

With Requirements, quickly access the main part of the normative text!

With Requirements, quickly access the main part of the normative text!

Need to identify, monitor and decipher standards?

COBAZ is the simple and effective solution to meet the normative needs related to your activity, in France and abroad.

Available by subscription, CObaz is THE modular solution to compose according to your needs today and tomorrow. Quickly discover CObaz!

Request your free, no-obligation live demo

I discover COBAZ