Skip to content
Please enter a keyword to search

  • INCITS/ISO/IEC 15408-1 : 2012

    Current The latest, up-to-date edition.

    INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL

    Available format(s):  Hardcopy, PDF

    Language(s):  English

    Published date:  01-01-2012

    Publisher:  Information Technology Industry Council

    Add To Cart

    Table of Contents - (Show below) - (Hide below)

    Foreword
    Introduction
    2 Normative references
    3 Terms and definitions
    4 Abbreviated terms
    5 Overview
    6 General model
    7 Tailoring Security Requirements
    8 Protection Profiles and Packages
    9 Evaluation results
    Annex A (informative) - Specification
            of Security Targets
    Annex B (informative) - Specification of
            Protection Profiles
    Annex C (informative) - Guidance for
            Operations
    Annex D (informative) - PP conformance
    Bibliography

    Abstract - (Show below) - (Hide below)

    Gives the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is meant to be used as the basis for evaluation of security properties of IT products.

    General Product Information - (Show below) - (Hide below)

    Committee CS1
    Document Type Standard
    Publisher Information Technology Industry Council
    Status Current
    Superseded By

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
    ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements
    IEEE 610.12-1990 IEEE Standard Glossary of Software Engineering Terminology
    ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
    ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
    ISO/IEC 15292:2001 Information technology - Security techniques - Protection Profile registration procedures
    ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
    ISO/IEC TR 19791:2010 Information technology Security techniques Security assessment of operational systems
    ISO/IEC TR 15446:2017 Information technology Security techniques Guidance for the production of protection profiles and security targets
    ISO/IEC 18045:2008 Information technology — Security techniques — Methodology for IT security evaluation
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective