NF EN ISO/IEC 15408-3

March 2020

Standard Current

Information technology - Security techniques - Evaluation criteria for IT security - Part 3 : security assurance components

ISO/IEC 15408-3:2008 defines the assurance requirements of the evaluation criteria. It includes the evaluation assurance levels that define a scale for measuring assurance for component targets of evaluation (TOEs), the composed assurance packages that define a scale for measuring assurance for composed TOEs, the individual assurance components from which the assurance levels and packages are composed, and the criteria for evaluation of protection profiles and security targets. ISO/IEC 15408-3:2008 defines the content and presentation of the assurance requirements in the form of assurance classes, families and components and provides guidance on the organization of new assurance requirements. The assurance components within the assurance families are presented in a hierarchical order.

View the extract

Main informations

Collections

National standards and national normative documents

Publication date

March 2020

Number of pages

190 p.

Reference

NF EN ISO/IEC 15408-3

ICS Codes

35.030 IT Security

Classification index

Z74-203-3

Print number

International kinship

ISO/IEC 15408-3:2008

European kinship

EN ISO/IEC 15408-3:2020

Sumary

Information technology - Security techniques - Evaluation criteria for IT security - Part 3 : security assurance components

ISO/IEC 15408-3:2008 defines the content and presentation of the assurance requirements in the form of assurance classes, families and components and provides guidance on the organization of new assurance requirements. The assurance components within the assurance families are presented in a hierarchical order.

Table of contents

View the extract

Avant-propos
1 Domaine d'application
2 Références normatives
3 Termes, définitions, symboles et abréviations
4 Vue d'ensemble
5 Paradigme de l'assurance
6 Composants d'assurance de sécurité
7 Niveaux d'assurance de l'évaluation
8 Paquets d'assurance composés
9 Classe APE: Évaluation d'un profil de protection
10 Classe ASE: Évaluation d'une cible de sécurité
11 Classe ADV: Développement
12 Classe AGD: Guides
13 Classe ALC: Support au cycle de vie
14 Classe ATE: Tests
15 Classe AVA: Estimation des vulnérabilités
16 Classe ACO: Composition
Annexe A (informative) Développement (ADV)
Annexe B (informative) Composition (ACO)
Annexe C (informative) Référence croisée des dépendances entre les composants d'assurance
Annexe D (informative) Référence croisée des PP et des composants d'assurance
Annexe E (informative) Référence croisée des EAL et des composants d'assurance
Annexe F (informative) Référence croisée des CAP et des composants d'assurance

ZOOM ON ... the Requirements department

To comply with a standard, you need to quickly understand its issues in order to determine its impact on your activity.

The Requirements department helps you quickly locate within the normative text:
- mandatory clauses to satisfy,
- non-essential but useful clauses to know, such as permissions and recommendations.

The identification of these types of clauses is based on the document “ISO / IEC Directives, Part 2 - Principles and rules of structure and drafting of ISO documents ”as well as on a constantly enriched list of verbal forms.

With Requirements, quickly access the main part of the normative text!

With Requirements, quickly access the main part of the normative text!

Need to identify, monitor and decipher standards?

COBAZ is the simple and effective solution to meet the normative needs related to your activity, in France and abroad.

Available by subscription, CObaz is THE modular solution to compose according to your needs today and tomorrow. Quickly discover CObaz!

Request your free, no-obligation live demo

I discover COBAZ