ISO/IEC 15408-1:2009
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
09-08-2022
French, English
03-12-2009
ISO/IEC 15408-1:2009 establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of ISO/IEC 15408 which in its entirety is meant to be used as the basis for evaluation of security properties of IT products.
It provides an overview of all parts of ISO/IEC 15408. It describes the various parts of ISO/IEC 15408; defines the terms and abbreviations to be used in all parts ISO/IEC 15408; establishes the core concept of a Target of Evaluation (TOE); the evaluation context; and describes the audience to which the evaluation criteria are addressed. An introduction to the basic security concepts necessary for evaluation of IT products is given.
It defines the various operations by which the functional and assurance components given in ISO/IEC 15408-2 and ISO/IEC 15408-3 may be tailored through the use of permitted operations.
The key concepts of protection profiles (PP), packages of security requirements and the topic of conformance are specified and the consequences of evaluation and evaluation results are described.
ISO/IEC 15408-1:2009 gives guidelines for the specification of Security Targets (ST) and provides a description of the organization of components throughout the model.
General information about the evaluation methodology is given in ISO/IEC 18045 and the scope of evaluation schemes is provided.
DocumentType |
Standard
|
Pages |
68
|
ProductNote |
THIS STANDARD ALSO HAVE CORRECTED VERSION FOR ENGLISH FOR THE YEAR 2014.
|
PublisherName |
International Organization for Standardization
|
Status |
Superseded
|
SupersededBy | |
Supersedes |
DIN EN 419251-3:2013-06 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 3: ADDITIONAL FUNCTIONALITY FOR SECURITY TARGETS |
AAMI IEC TIR 80001-2-2 : 2012 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-2: GUIDANCE FOR THE DISCLOSURE AND COMMUNICATION OF MEDICAL DEVICE SECURITY NEEDS, RISKS AND CONTROLS |
ISO/IEC 29128:2011 | Information technology — Security techniques — Verification of cryptographic protocols |
PD ISO/IEC TR 19791:2006 | Information technology. Security techniques. Security assessment of operational systems |
BS EN 419251-2:2013 | Security requirements for device for authentication Protection profile for extension for trusted channel to certificate generation application |
11/30168516 DC : 0 | BS ISO/IEC 27032 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR CYBERSECURITY |
BS ISO 15118-1 : 2013 | ROAD VEHICLES - VEHICLE TO GRID COMMUNICATION INTERFACE - PART 1: GENERAL INFORMATION AND USE-CASE DEFINITION |
CSA ISO/IEC TR 15942:2004 | INFORMATION TECHNOLOGY - PROGRAMMING LANGUAGES - GUIDE FOR THE USE OF THE ADA PROGRAMMING LANGUAGE IN HIGH INTEGRITY SYSTEMS |
ISO/IEC TR 20004:2015 | Information technology Security techniques Refining software vulnerability analysis under ISO/IEC 15408 and ISO/IEC 18045 |
BS EN 50436-6:2015 | Alcohol interlocks. Test methods and performance requirements Data security |
BS EN 419211-6:2014 | Protection profiles for secure signature creation device Extension for device with key import and trusted channel to signature creation application |
CAN/CSA-IEC 62443-2-1:17 | Industrial communication networks — Network and system security — Part 2-1: Establishing an industrial automation and control system security program (Adopted IEC 62443-2-1:2010, first edition, 2010-11) | Réseaux industriels de communication — Sécurité dans les réseaux et les systèmes — Partie 2-1 : Établissement d’un programme de sécurité pour les systèmes d’automatisation et de commande industrielles (norme IEC 62443-2-1:2010 adoptée, première édition, 2010-11) |
05/30144069 DC : DRAFT DEC 2005 | ISO 13491-1 - BANKING - SECURE CRYPTOGRAPHIC DEVICES (RETAIL) - PART 1: CONCEPTS, REQUIREMENTS AND EVALUATION METHODS |
UNI CEN ISO/TS 25110 : 2013 | ELECTRONIC FEE COLLECTION - INTERFACE DEFINITION FOR ON-BOARD ACCOUNT USING INTEGRATED CIRCUIT CARD (ICC) |
PD ISO/IEC TS 24748-1:2016 | Systems and software engineering. Life cycle management Guidelines for life cycle management |
PD CEN ISO/TS 14907-1:2015 | Electronic fee collection. Test procedures for user and fixed equipment Description of test procedures |
ISO/IEC TS 19249:2017 | Information technology — Security techniques — Catalogue of architectural and design principles for secure products, systems and applications |
BS ISO/IEC 30107-3:2017 | Information technology. Biometric presentation attack detection Testing and reporting |
12/30204847 DC : 0 | BS ISO/IEC 29147 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VULNERABILITY DISCLOSURE |
PREN 419221-5 : DRAFT 2016 | PROTECTION PROFILES FOR TRUST SERVICE PROVIDER CRYPTOGRAPHIC MODULES - PART 5: CRYPTOGRAPHIC MODULE FOR TRUST SERVICES |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
12/30227495 DC : 0 | BS ISO 15118-1 - ROAD VEHICLES - VEHICLE TO GRID COMMUNICATION INTERFACE - PART 1: GENERAL INFORMATION AND USE-CASE DEFINITION |
PD ISO/TR 11636:2009 | Health informatics. Dynamic on-demand virtual private network for health information infrastructure |
13/30293476 DC : 0 | BS EN 62601 - INDUSTRIAL COMMUNICATION NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIA-PA |
EN ISO/TS 17574 : 2004 | ROAD TRANSPORT AND TRAFFIC TELEMATICS - ELECTRONIC FEE COLLECTION (EFC) - GUIDELINES FOR EFC SECURITY PROTECTION PROFILES |
S.R. CEN ISO/TS 14907-1:2015 | ELECTRONIC FEE COLLECTION - TEST PROCEDURES FOR USER AND FIXED EQUIPMENT - PART 1: DESCRIPTION OF TEST PROCEDURES (ISO/TS 14907-1:2015) |
PD CEN/TR 16968:2016 | Electronic Fee Collection. Assessment of security measures for applications using Dedicated Short-Range Communication |
07/30162803 DC : 0 | BS ISO/IEC 18045 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - METHODOLOGY FOR IT SECURITY EVALUATION |
CSA ISO/IEC TR 14516 : 2004 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR THE USE AND MANAGEMENT OF TRUSTED THIRD PARTY SERVICES |
CAN/CSA-ISO/IEC TR 14516-04 (R2017) | Information Technology - Security Techniques - Guidelines for the use and Management of Trusted Third Party Services (Adopted ISO/IEC TR 14516:2002, first edition, 2002-06-15) |
DD IEC PAS 62601 : DRAFT MAR 2009 | INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIA-PA COMMUNICATION NETWORK AND COMMUNICATION PROFILE |
CSA TELECOM ORGANIZATIONS PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR |
CSA ISO/IEC TR 14516 : 2004 : R2012 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR THE USE AND MANAGEMENT OF TRUSTED THIRD PARTY SERVICES |
INCITS/ISO/IEC 15945 : 2002 : R2007 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES |
INCITS/ISO/IEC 15945 : 2002 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES |
S.R. CEN ISO/TS 14441:2013 | HEALTH INFORMATICS - SECURITY AND PRIVACY REQUIREMENTS OF EHR SYSTEMS FOR USE IN CONFORMITY ASSESSMENT (ISO/TS 14441:2013) |
ISO/TS 21089:2018 | Health informatics Trusted end-to-end information flows |
ANSI X9.117 : 2012 | SECURE REMOTE ACCESS - MUTUAL AUTHENTICATION |
S.R. CEN/TS 419221-2:2016 | PROTECTION PROFILES FOR TSP CRYPTOGRAPHIC MODULES - PART 2: CRYPTOGRAPHIC MODULE FOR CSP SIGNING OPERATIONS WITH BACKUP |
INCITS/ISO/IEC 15408-3 : 2013(R2018) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 3: SECURITY ASSURANCE REQUIREMENTS |
I.S. EN 50436-6:2015 | ALCOHOL INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 6: DATA SECURITY |
ISO 25110:2017 | Electronic fee collection — Interface definition for on-board account using integrated circuit card (ICC) |
BS EN ISO 15118-1:2015 | Road vehicles. Vehicle to grid communication interface General information and use-case definition |
EN IEC 62443-4-1:2018 | Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements |
I.S. EN ISO 27799:2016 | HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 |
I.S. CWA 14172-7:2004 | EESSI CONFORMITY ASSESSMENT GUIDANCE - PART 7: CRYPTOGRAPHIC MODULES USED BY CERTIFICATION SERVICE PROVIDERS FOR SIGNING OPERATIONS AND KEY GENERATION SERVICES |
EN ISO 25110:2017 | Electronic fee collection - Interface definition for on-board account using integrated circuit card (ICC) (ISO 25110:2017) |
ISO 12931:2012 | Performance criteria for authentication solutions used to combat counterfeiting of material goods |
ISO/IEC 15945:2002 | Information technology — Security techniques — Specification of TTP services to support the application of digital signatures |
CEN ISO/TS 17574:2017 | Electronic fee collection - Guidelines for security protection profiles (ISO/TS 17574:2017) |
CEN ISO/TS 25110:2013 | Electronic fee collection - Interface definition for on-board account using integrated circuit card (ICC) (ISO/TS 25110:2013) |
EN 50436-6:2015 | Alcohol interlocks - Test methods and performance requirements - Part 6: Data security |
EN 62601:2016 | Industrial networks - Wireless communication network and communication profiles - WIA-PA |
EN 319 421 : 1.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING TIME-STAMPS |
UNE-EN 419211-2:2016 | Protection profiles for secure signature creation device - Part 2: Device with key generation |
TR 102 780 : 1.1.1 | METHODS FOR TESTING AND SPECIFICATION (MTS); SECURITY; GUIDE TO THE USE OF METHODS IN DEVELOPMENT OF ETSI SECURITY STANDARDS |
S.R. CEN/TS 419221-3:2016 | PROTECTION PROFILES FOR TSP CRYPTOGRAPHIC MODULES - PART 3: CRYPTOGRAPHIC MODULE FOR CSP KEY GENERATION SERVICES |
04/30091046 DC : DRAFT DEC 2004 | ISO/IEC 19790 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES |
16/30329605 DC : 0 | BS ISO/IEC 30107-3 - INFORMATION TECHNOLOGY - BIOMETRIC PRESENTATION ATTACK DETECTION - PART 3: TESTING AND REPORTING |
INCITS/ISO/IEC 15292 : 2001 : R2007 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - PROTECTION PROFILE REGISTRATION PROCEDURES |
ISO 13491-2:2017 | Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions |
ISO/IEC 30107-3:2017 | Information technology — Biometric presentation attack detection — Part 3: Testing and reporting |
08/30091038 DC : DRAFT JUNE 2008 | ISO/IEC 19792 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY EVALUATION OF BIOMETRICS |
TS 102 573 : 2.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR TRUST SERVICE PROVIDERS SIGNING AND/OR STORING DATA OBJECTS |
17/30351770 DC : 0 | BS EN ISO 25110 - ELECTRONIC FEE COLLECTION - INTERFACE DEFINITION FOR ON-BOARD ACCOUNT USING INTEGRATED CIRCUIT CARD (ICC) |
DIN EN 419211-2:2013-12 | Protection profiles for secure signature creation device - Part 2: Device with key generation |
BS ISO/IEC 19792:2009 | Information technology. Security techniques. Security evaluation of biometrics |
INCITS/ISO/IEC 17799 : 2005 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT |
BS EN 419251-1:2013 | Security requirements for device for authentication Protection profile for core functionality |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
ISO/IEC 29167-14:2015 | Information technology Automatic identification and data capture techniques Part 14: Crypto suite AES OFB security services for air interface communications |
EN 319 411-2 : 2.2.2 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 2: REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING EU QUALIFIED CERTIFICATES |
08/30133461 DC : 0 | ISO/IEC 27003 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION GUIDANCE |
13/30277648 DC : 0 | BS EN 50436-6 - ALCOHOL INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 6: DATA SECURITY |
CSA ISO/IEC 15292 : 2004 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - PROTECTION PROFILE REGISTRATION PROCEDURES |
07/30169475 DC : 0 | BS ISO 15782-1 - CERTIFICATE MANAGEMENT FOR FINANCIAL SERVICES - PART 1: PUBLIC KEY CERTIFICATES |
ISO/IEC TR 15446:2017 | Information technology Security techniques Guidance for the production of protection profiles and security targets |
BS ISO 12931:2012 | Performance criteria for authentication solutions used to combat counterfeiting of material goods |
04/30091043 DC : DRAFT DEC 2004 | ISO/IEC 19791 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY ASSESSMENT OF OPERATIONAL SYSTEMS |
PD IEC/TS 62224:2013 | Multimedia home server systems. Conceptual model for digital rights management |
BS ISO/IEC 15945:2002 | Information technology. Security techniques. Specification of TTP services to support the application of digital signatures |
BS ISO 13491-2:2017 | Financial services. Secure cryptographic devices (retail) Security compliance checklists for devices used in financial transactions |
CAN/CSA-ISO/IEC 15945-04 (R2017) | Information Technology - Security Techniques - Specification of TTP Services to Support the Application of Digital Signatures (Adopted ISO/IEC 15945:2002, first edition, 2002-02-01) |
CSA ISO/IEC TR 15446 : 2010 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDE FOR THE PRODUCTION OF PROTECTION PROFILES AND SECURITY TARGETS |
IEEE DRAFT 1074 : 0 | DEVELOPING SOFTWARE LIFE CYCLE PROCESSES |
CSA ISO/IEC 15408-2 : 2009 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 2: SECURITY FUNCTIONAL COMPONENTS |
IEC 62443-2-1:2010 | Industrial communication networks - Network and system security - Part 2-1: Establishing an industrial automation and control system security program |
UNE-ISO/IEC TR 19791:2013 IN | Information technology. Security techniques. Security assessment of operational systems |
UNE 71512:2011 | Applications with the Spanish DNIe. Electronic signature creation and verification. Type 2 for personal computers, and with a Evaluation Assurance Level «EAL1» |
PD CEN/TS 419221-2:2016 | Protection Profiles for TSP cryptographic modules Cryptographic module for CSP signing operations with backup |
I.S. CWA 14365-1:2004 | GUIDE ON THE USE OF ELECTRONIC SIGNATURES - PART 1: LEGAL AND TECHNICAL ASPECTS |
VDMA 66418 : DRAFT 2017 | INDUSTRIAL SECURITY - GENERAL REQUIREMENTS FOR SECURITY OF MACHINES, SYSTEMS AND RELATED COMPONENTS |
EG 202 387 : 1.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); SECURITY DESIGN GUIDE; METHOD FOR APPLICATION OF COMMON CRITERIA TO ETSI DELIVERABLES |
TR 102 420 : 1.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); REVIEW OF ACTIVITY ON SECURITY |
ISO 15118-1:2013 | Road vehicles Vehicle to grid communication interface Part 1: General information and use-case definition |
I.S. EN 62601:2016 | INDUSTRIAL NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIA-PA |
CSA ISO/IEC TR 15942:04 (R2019) | Information Technology - Programming Languages - Guide for the Use of the Ada Programming Language in High Integrity Systems (Adopted ISO/IEC TR 15942:2000, first edition, 2000-03-01) |
PREN 419241-2 : DRAFT 2017 | TRUSTWORTHY SYSTEMS SUPPORTING SERVER SIGNING - PART 2: PROTECTION PROFILE FOR QSCD FOR SERVER SIGNING |
I.S. EN ISO 15118-1:2015 | ROAD VEHICLES - VEHICLE TO GRID COMMUNICATION INTERFACE - PART 1: GENERAL INFORMATION AND USE-CASE DEFINITION (ISO 15118-1:2013) |
UNI CEN ISO/TS 14441 : 2014 | HEALTH INFORMATICS - SECURITY AND PRIVACY REQUIREMENTS OF HER SYSTEMS FOR USE IN CONFORMITY ASSESSMENT |
ISO/IEC TS 24748-1:2016 | Systems and software engineering Life cycle management Part 1: Guidelines for life cycle management |
BS ISO/IEC 29147:2014 | Information technology. Security techniques. Vulnerability disclosure |
UNE 71511:2011 | Applications with the Spanish DNIe. Electronic signature creation and verification. Type 1 for IT platforms that allow an exclusive control of signer’s interfaces, and with a Evaluation Assurance Level «EAL3» |
I.S. CWA 14172-3:2004 | EESSI CONFORMITY ASSESSMENT GUIDANCE - PART 3: TRUSTWORTHY SYSTEMS MANAGING CERTIFICATES FOR ELECTRONIC SIGNATURES |
UNE 71513:2011 | Applications with the Spanish DNIe. Electronic signature creation and verification. Type 2 for personal computers, and with a Evaluation Assurance Level «EAL3» |
UNE-ISO/IEC TR 15446:2013 IN | Information technology. Security techniques. Guide for the production of Protection Profiles and Security Targets |
CSA ISO/IEC 15026-1 : 2015 | SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY |
EN ISO 15118-1:2015 | Road vehicles - Vehicle to grid communication interface - Part 1: General information and use-case definition (ISO 15118-1:2013) |
I.S. CWA 14355:2004 | GUIDELINES FOR THE IMPLEMENTATION OF SECURE SIGNATURE-CREATION DEVICES |
BS 7799-1(2005) : 2005 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT |
NEMA CPSP 1 : 2015 | SUPPLY CHAIN BEST PRACTICES |
DIN EN 419251-2:2013-06 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 2: PROTECTION PROFILE FOR EXTENSION FOR TRUSTED CHANNEL TO CERTIFICATE GENERATION APPLICATION |
GS NFV-SEC 006 : 1.1.1 | NETWORK FUNCTIONS VIRTUALISATION (NFV); SECURITY GUIDE; REPORT ON SECURITY ASPECTS AND REGULATORY CONCERNS |
ISO/IEC 29167-11:2014 | Information technology — Automatic identification and data capture techniques — Part 11: Crypto suite PRESENT-80 security services for air interface communications |
PD ISO/IEC TR 15443-3:2007 | Information technology. Security techniques. A framework for IT security assurance Analysis of assurance methods |
04/30040790 DC : DRAFT MARCH 2004 | ISO/IEC DTR 15443-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IT SECURITY ASSURANCE - PART 2 - ASSURANCE METHODS |
04/30062174 DC : DRAFT JUN 2004 | ISO/IEC FCD 17799 - INFORMATION TECHNOLOGY - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT |
BS EN 419211-2:2013 | Protection profiles for secure signature creation device Device with key generation |
GS NFV-SEC 014 : 3.1.1 | NETWORK FUNCTIONS VIRTUALISATION (NFV) RELEASE 3; NFV SECURITY; SECURITY SPECIFICATION FOR MANO COMPONENTS AND REFERENCE POINTS |
DIN CEN ISO/TS 14907-1;DIN SPEC 91192:2015-12 | ELECTRONIC FEE COLLECTION - TEST PROCEDURES FOR USER AND FIXED EQUIPMENT - PART 1: DESCRIPTION OF TEST PROCEDURES (ISO/TS 14907-1:2015) |
BS ISO/IEC 15408-2:2005 | Information technology. Security techniques. Evaluation criteria for IT security Security functional requirements |
PD ISO/TR 18307:2001 | Health informatics. Interoperability and compatibility in messaging and communication standards. Key characteristics |
DIN EN 419251-1:2013-05 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 1: PROTECTION PROFILE FOR CORE FUNCTIONALITY |
BS ISO/IEC TR 15942:2000 | Information technology. Programming languages. Guide for the use of the Ada programming language in high integrity systems |
BS ISO/IEC 15408-3:2008 | Information technolgy. Security techniques. Evaluation criteria for IT security Security assurance components |
ES 202 382 : 1.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); SECURITY DESIGN GUIDE; METHOD AND PROFORMA FOR DEFINING PROTECTION PROFILES |
ISO/IEC TR 19791:2010 | Information technology Security techniques Security assessment of operational systems |
TS 187 001 : 3.9.1 | NETWORK TECHNOLOGIES (NTECH); NGN SECURITY (SEC); REQUIREMENTS |
SR 002 564 : 2.0.0 | APPLICABILITY OF EXISTING ETSI AND ETSI/3GPP DELIVERABLES TO EHEALTH |
BS IEC 62443-2-1 : 2010 | INDUSTRIAL COMMUNICATION NETWORKS - NETWORK AND SYSTEM SECURITY - PART 2-1: ESTABLISHING AN INDUSTRIAL AUTOMATION AND CONTROL SYSTEM SECURITY PROGRAM |
PD ISO/IEC TR 20004:2015 | Information technology. Security techniques. Refining software vulnerability analysis under ISO/IEC 15408 and ISO/IEC 18045 |
11/30199101 DC : 0 | BS ISO 12931 - PERFORMANCE CRITERIA FOR AUTHENTICATION SOLUTIONS FOR ANTI-COUNTERFEITING IN THE FIELD OF MATERIAL GOODS |
INCITS/ISO 19153 : 2014 | GEOGRAPHIC INFORMATION - GEOSPATIAL DIGITAL RIGHTS MANAGEMENT REFERENCE MODEL (GEODRM RM) |
12/30186137 DC : 0 | BS ISO/IEC 27002 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
07/30161079 DC : 0 | BS EN 14890-1 - APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 1: BASIC SERVICES |
BS EN 419251-3:2013 | Security requirements for device for authentication Additional functionality for security targets |
07/30162799 DC : 0 | BS ISO/IEC 15408-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 3: SECURITY ASSURANCE REQUIREMENTS |
07/30143790 DC : 0 | BS ISO/IEC 24759 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - TEST REQUIREMENTS FOR CRYPTOGRAPHIC MODULES |
ISA 99.02.01 : 2009 | SECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS: ESTABLISHING AN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS SECURITY PROGRAM |
10/30192143 DC : 0 | BS ISO/IEC 29128 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VERIFICATION OF CRYPTOGRAPHIC PROTOCOLS |
05/30107760 DC : DRAFT AUG 2005 | ISO/IEC 24713-1 - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 1: BIOMETRIC REFERENCE ARCHITECTURE |
07/30107763 DC : 0 | BS ISO/IEC 24713-2 - INFORMATION TECHNOLOGY - BIOMETRIC PROFILES FOR INTEROPERABILITY AND DATA INTERCHANGE - PART 2: PHYSICAL ACCESS CONTROL FOR EMPLOYEES AT AIRPORTS |
I.S. EN 419251-2:2013 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 2: PROTECTION PROFILE FOR EXTENSION FOR TRUSTED CHANNEL TO CERTIFICATE GENERATION APPLICATION |
BS ISO/IEC 27032:2012 | Information technology. Security techniques. Guidelines for cybersecurity |
IEC PAS 62601:2009 | Industrial communication networks - Fieldbus specifications - WIA-PA communication network and communication profile |
CSA ISO/IEC 15408-3 : 2009 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 3: SECURITY ASSURANCE COMPONENTS |
ISO/IEC 15026-1:2013 | Systems and software engineering Systems and software assurance Part 1: Concepts and vocabulary |
ISO/IEC TR 15443-3:2007 | Information technology Security techniques A framework for IT security assurance Part 3: Analysis of assurance methods |
CSA ISO/IEC 15408-2 : 2009 : R2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 2: SECURITY FUNCTIONAL COMPONENTS |
CAN/CSA-ISO/IEC 29167-12:16 | Information technology Automatic identification and data capture techniques Part 12: Crypto suite ECC-DH security services for air interface communication (Adopted ISO/IEC 29167-12:2015, first edition, 2015-05-15) |
BS ISO/IEC 15026-3:2015 | Systems and software engineering. Systems and software assurance System integrity levels |
TR 187 011 : 2.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); NGN SECURITY; APPLICATION OF ISO-15408-2 REQUIREMENTS TO ETSI STANDARDS - GUIDE, METHOD AND APPLICATION WITH EXAMPLES |
CEN/TR 16968:2016 | Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication |
ISO/IEC 19792:2009 | Information technology Security techniques Security evaluation of biometrics |
I.S. CWA 14169:2004 | SECURE SIGNATURE-CREATION DEVICES 'EAL 4+' |
TR 102 572 : 1.1.1 | BEST PRACTICES FOR HANDLING ELECTRONIC SIGNATURES AND SIGNED DATA FOR DIGITAL ACCOUNTING |
UNE 71510:2011 | Applications with the Spanish DNIe. Electronic signature creation and verification. Type 1 for IT platforms that allow an exclusive control of signer’s interfaces, and with a Evaluation Assurance Level «EAL1». |
TS 102 165-1 : 4.2.3 | CYBER; METHODS AND PROTOCOLS; PART 1: METHOD AND PRO FORMA FOR THREAT, VULNERABILITY, RISK ANALYSIS (TVRA) |
UNE EN 419211-2 : 2016 | PROTECTION PROFILES FOR SECURE SIGNATURE CREATION DEVICE - PART 2: DEVICE WITH KEY GENERATION |
UNI EN 419211-6 : 2014 | PROTECTION PROFILES FOR SECURE SIGNATURE CREATION DEVICE - PART 6: EXTENSION FOR DEVICE WITH KEY IMPORT AND TRUSTED CHANNEL TO SIGNATURE CREATION APPLICATION |
ISO/IEC 27032:2012 | Information technology — Security techniques — Guidelines for cybersecurity |
I.S. EN 419211-6:2014 | PROTECTION PROFILES FOR SECURE SIGNATURE CREATION DEVICE - PART 6: EXTENSION FOR DEVICE WITH KEY IMPORT AND TRUSTED CHANNEL TO SIGNATURE CREATION APPLICATION |
I.S. EN ISO 25110:2017 | ELECTRONIC FEE COLLECTION - INTERFACE DEFINITION FOR ON-BOARD ACCOUNT USING INTEGRATED CIRCUIT CARD (ICC) (ISO 25110:2017) |
PD ISO/IEC TR 15446:2009 | Information technology. Security techniques. Guide for the production of protection profiles and security targets |
TS 102 158 : 1.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR CERTIFICATION SERVICE PROVIDERS ISSUING ATTRIBUTE CERTIFICATES USABLE WITH QUALIFIED CERTIFICATES |
BS IEC 62601:2011 | Industrial communication networks. Fieldbus specifications. WIA-PA communication network and communication profile |
08/30182164 DC : DRAFT MAY 2008 | BS ISO 31000 - RISK MANAGEMENT - PRINCIPLES AND GUIDELINES ON IMPLEMENTATION |
CSA INFORMATION SECURITY PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION |
TS 102 181 : 1.2.1 | EMERGENCY COMMUNICATIONS (EMTEL); REQUIREMENTS FOR COMMUNICATION BETWEEN AUTHORITIES/ORGANIZATIONS DURING EMERGENCIES |
ISO/IEC 29167-12:2015 | Information technology Automatic identification and data capture techniques Part 12: Crypto suite ECC-DH security services for air interface communications |
BS ISO/IEC 29128:2011 | Information technology. Security techniques. Verification of cryptographic protocols |
BIS IS/ISO 21188 : 2006 | PUBLIC KEY INFRASTRUCTURE FOR FINANCIAL SERVICES - PRACTICES AND POLICY FRAMEWORK |
DIN EN 62601:2016-10 | Industrial networks - Wireless communication network and communication profiles - WIA-PA (IEC 62601:2015); English version EN 62601:2016 |
S.R. CEN/TS 419221-4:2016 | PROTECTION PROFILES FOR TSP CRYPTOGRAPHIC MODULES - PART 4: CRYPTOGRAPHIC MODULE FOR CSP SIGNING OPERATIONS WITHOUT BACKUP |
PD IEC/TR 80001-2-2:2012 | Application of risk management for IT-networks incorporating medical devices Guidance for the disclosure and communication of medical device security needs, risks and controls |
BS ISO/IEC 15026-1:2013 | Systems and software engineering. Systems and software assurance Concepts and vocabulary |
ISO/IEC 15026-3:2015 | Systems and software engineering — Systems and software assurance — Part 3: System integrity levels |
BS ISO/IEC TR 14516:2002 | Information technology. Security techniques. Guidelines for the use and management of trusted third party services |
UNI EN 419211-2 : 2014 | PROTECTION PROFILES FOR SECURE SIGNATURE CREATION DEVICE - PART 2: DEVICE WITH KEY GENERATION |
17/30347638 DC : 0 | BS EN ISO 15118-1 - ROAD VEHICLES - VEHICLE TO GRID COMMUNICATION INTERFACE - PART 1: GENERAL INFORMATION AND USE-CASE DEFINITION |
07/30162796 DC : 0 | BS ISO/IEC 15408-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 2: SECURITY FUNCTIONAL COMPONENTS |
CAN/CSA-ISO/IEC 15026-3:16 | Systems and software engineering - Systems and software assurance - Part 3: System integrity levels (Adopted ISO/IEC 15026-3:2015, second edition, 2015-12-01) |
UNI EN 419251-3 : 2013 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 3: ADDITIONAL FUNCTIONALITY FOR SECURITY TARGETS |
DD CEN ISO/TS 17574:2009 | Electronic fee collection. Guidelines for security protection profiles |
UNI EN 419251-1 : 2013 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 1: PROTECTION PROFILE FOR CORE FUNCTIONALITY |
ISO/TR 21089:2004 | Health informatics Trusted end-to-end information flows |
BS ISO/IEC 17799 : 2005 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT |
PD ISO/IEC/TR 19249:2017 | Information technology. Security techniques Catalogue of architectural and design principles for secure products, systems and applications |
17/30346588 DC : 0 | BS EN 419221-5 - PROTECTION PROFILES FOR TRUST SERVICE PROVIDER CRYPTOGRAPHIC MODULES - PART 5: CRYPTOGRAPHIC MODULE FOR TRUST SERVICES |
09/30207165 DC : 0 | BS EN 62601 - INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIA-PA COMMUNICATION NETWORK AND COMMUNICATION PROFILE |
DD CEN ISO/TS 25110:2008 | Electronic fee collection. Interface definition for on-board account using integrated circuit card (ICC) |
DD IEC/TS 62351-2:2008 | Power systems management and associated information exchange. Data and communications security Glossary of terms |
03/652682 DC : DRAFT NOV 2003 | BS ISO/IEC TR 15446 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDE FOR THE PRODUCTION OF PROTECTION PROFILES AND SECURITY TARGETS |
07/30161082 DC : 0 | BS EN 14890-2 - APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 2: ADDITIONAL SERVICES |
CSA ISO/IEC TR 15446 : 2010 : R2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDE FOR THE PRODUCTION OF PROTECTION PROFILES AND SECURITY TARGETS |
SR 019 020 : 1.1.2 | THE FRAMEWORK FOR STANDARDIZATION OF SIGNATURES; STANDARDS FOR ADES DIGITAL SIGNATURES IN MOBILE AND DISTRIBUTED ENVIRONMENTS |
TS 187 016 : 3.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); NGN SECURITY; IDENTITY PROTECTION (PROTECTION PROFILE) |
CR 14301:2002 | Health informatics - Framework for security protection of healthcare communication |
CAN/CSA-ISO/IEC 29167-14:16 | Information technology Automatic identification and data capture techniques Part 14: Crypto suite AES OFB security services for air interface communications (Adopted ISO/IEC 29167-14:2015, first edition, 2015-10-15) |
CSA ISO/IEC 15945 : 2004 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES |
CSA ISO/IEC 15408-3 : 2009 : R2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 3: SECURITY ASSURANCE COMPONENTS |
ES 202 383 : 1.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); SECURITY DESIGN GUIDE; METHOD AND PROFORMA FOR DEFINING SECURITY TARGETS |
S.R. CEN ISO/TS 25110:2013 | ELECTRONIC FEE COLLECTION - INTERFACE DEFINITION FOR ON-BOARD ACCOUNT USING INTEGRATED CIRCUIT CARD (ICC) (ISO/TS 25110:2013) |
S.R. CEN ISO/TS 17574:2017 | ELECTRONIC FEE COLLECTION - GUIDELINES FOR SECURITY PROTECTION PROFILES (ISO/TS 17574:2017) |
I.S. EN IEC 62443-4-1:2018 | SECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS - PART 4-1: SECURE PRODUCT DEVELOPMENT LIFECYCLE REQUIREMENTS |
ISO/IEC TR 14516:2002 | Information technology Security techniques Guidelines for the use and management of Trusted Third Party services |
GS ISI 001-2 : 1.1.2 | INFORMATION SECURITY INDICATORS (ISI); INDICATORS (INC); PART 2: GUIDE TO SELECT OPERATIONAL INDICATORS BASED ON THE FULL SET GIVEN IN PART 1 |
I.S. CWA 14838-2:2003 | FACILITATING SMART CARD TECHNOLOGY FOR ELECTRONIC TICKETING AND SEAMLESS TRAVEL - PART 2: DEVELOPMENT OF SMART CARD BASED INTEROPERABLE TICKETING SYSTEMS |
CAN/CSA-IEC/TS 62443-1-1:17 | Industrial communication networks — Network and system security — Part 1-1: Terminology, concepts and models (Adopted IEC technical specification 62443-1-1:2009, first edition, 2009-07) |
SAE J3061_201601 | Cybersecurity Guidebook for Cyber-Physical Vehicle Systems |
I.S. CWA 14172-1:2004 | EESSI CONFORMITY ASSESSMENT GUIDANCE - PART 1: GENERAL INTRODUCTION |
IEEE 1012-2012 | IEEE Standard for System and Software Verification and Validation |
TR 102 512 : 1.1.1 | TERRESTRIAL TRUNKED RADIO (TETRA); SECURITY; SECURITY REQUIREMENTS ANALYSIS FOR MODULATION ENHANCEMENTS TO TETRA |
I.S. CWA 14890-2:2004 | APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 2: ADDITIONAL SERVICES |
ISO/IEC 17799:2005 | Information technology Security techniques Code of practice for information security management |
AEP-67 : 2010 | ENGINEERING FOR SYSTEM ASSURANCE IN NATO PROGRAMMES |
I.S. CWA 14365:2003 | GUIDE ON THE USE OF ELECTRONIC SIGNATURES |
I.S. EN 419221-5:2018 | PROTECTION PROFILES FOR TSP CRYPTOGRAPHIC MODULES - PART 5: CRYPTOGRAPHIC MODULE FOR TRUST SERVICES |
CEN/TS 419221-2:2016 | Protection Profiles for TSP cryptographic modules - Part 2: Cryptographic module for CSP signing operations with backup |
I.S. CWA 14365-2:2004 | GUIDE ON THE USE OF ELECTRONIC SIGNATURES - PART 2: PROTECTION PROFILE FOR SOFTWARE SIGNATURE CREATION DEVICES |
ISO/IEC 29180:2012 | Information technology — Telecommunications and information exchange between systems — Security framework for ubiquitous sensor networks |
ISO/IEC 29147:2014 | Information technology Security techniques Vulnerability disclosure |
ISO/TS 25110:2013 | Electronic fee collection Interface definition for on-board account using integrated circuit card (ICC) |
I.S. CWA 14172-6:2004 | EESSI CONFORMITY ASSESSMENT GUIDANCE - PART 6: SIGNATURE-CREATION DEVICE SUPPORTING SIGNATURES OTHER THAN QUALIFIED |
IEC TS 62443-1-1:2009 | Industrial communication networks - Network and system security - Part 1-1: Terminology, concepts and models |
IEC TS 62351-2:2008 | Power systems management and associated information exchange - Data and communications security - Part 2: Glossary of terms |
S.R. CWA 15929:2009 | BEST PRACTICES FOR THE DESIGN AND DEVELOPMENT OF CRITICAL INFORMATION SYSTEMS |
I.S. CEN ISO TS 17574:2005 | ROAD TRANSPORT AND TRAFFIC TELEMATICS - ELECTRONIC FEE COLLECTION (EFC) - GUIDELINES FOR EFC SECURITY PROTECTION PROFILES |
IEC TR 80001-2-2:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-2: Guidance for the disclosure and communication of medical device security needs, risks and controls |
IEC TS 62224:2013 | Multimedia home server systems - Conceptual model for digital rights management |
ANSI X9.97-1 : 2009 | FINANCIAL SERVICES - SECURE CRYPTOGRAPHIC DEVICES (RETAIL) - PART 1: CONCEPTS, REQUIREMENTS AND EVALUATION METHODS |
IEC 62601:2015 | Industrial networks - Wireless communication network and communication profiles - WIA-PA |
ISO/TS 14907-1:2015 | Electronic fee collection Test procedures for user and fixed equipment Part 1: Description of test procedures |
ISO/TS 14441:2013 | Health informatics — Security and privacy requirements of EHR systems for use in conformity assessment |
ISO/TS 17574:2017 | Electronic fee collection — Guidelines for security protection profiles |
EN 419221-5:2018 | Protection Profiles for TSP Cryptographic Modules - Part 5: Cryptographic Module for Trust Services |
EN 419251-2:2013 | Security requirements for device for authentication - Part 2: Protection profile for extension for trusted channel to certificate generation application |
EN 419251-3:2013 | Security requirements for device for authentication - Part 3: Additional functionality for security targets |
EN 419251-1:2013 | Security requirements for device for authentication - Part 1: Protection profile for core functionality |
EN 419211-6:2014 | Protection profiles for secure signature creation device - Part 6: Extension for device with key import and trusted channel to signature creation application |
EN 419211-2:2013 | Protection profiles for secure signature creation device - Part 2: Device with key generation |
17/30355188 DC : 0 | BS ISO/IEC 24748-1 - SYSTEMS AND SOFTWARE ENGINEERING - LIFE CYCLE MANAGEMENT - PART 1: GUIDELINES FOR LIFE CYCLE MANAGEMENT |
PREN 50436-6 : DRAFT 2013 | ALCOHOL INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 6: DATA SECURITY |
08/30193508 DC : DRAFT NOV 2008 | BS EN 61508-1 - FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS - PART 1: GENERAL REQUIREMENTS |
17/30351732 DC : 0 | BS ISO/IEC 19896-1 - INFORMATION TECHNOLOGY - IT SECURITY TECHNIQUES - COMPETENCE REQUIREMENTS FOR INFORMATION SECURITY TESTERS AND EVALUATORS - PART 1: INTRODUCTION, CONCEPTS AND GENERAL REQUIREMENTS |
CSA ISO/IEC TR 15942 : 2004 : R2014 | INFORMATION TECHNOLOGY - PROGRAMMING LANGUAGES - GUIDE FOR THE USE OF THE ADA PROGRAMMING LANGUAGE IN HIGH INTEGRITY SYSTEMS |
DIN EN 419211-6:2014-12 | PROTECTION PROFILES FOR SECURE SIGNATURE CREATION DEVICE - PART 6: EXTENSION FOR DEVICE WITH KEY IMPORT AND TRUSTED CHANNEL TO SIGNATURE CREATION APPLICATION |
16/30338037 DC : 0 | BS ISO/IEC 30754 - INFORMATION TECHNOLOGY - SOFTWARE TRUSTWORTHINESS - GOVERNANCE AND MANAGEMENT - SPECIFICATION |
PD CEN/TS 419221-3:2016 | Protection Profiles for TSP Cryptographic modules Cryptographic module for CSP key generation services |
05/30107724 DC : DRAFT JAN 2005 | ISO/IEC 19794-1 - BIOMETRIC DATA INTERCHANGE - PART 1: FRAMEWORK |
PD IEC TR 62210:2003 | Power system control and associated communications. Data and communication security |
GS ISI 001-1 : 1.1.2 | INFORMATION SECURITY INDICATORS (ISI); INDICATORS (INC); PART 1: A FULL SET OF OPERATIONAL INDICATORS FOR ORGANIZATIONS TO USE TO BENCHMARK THEIR SECURITY POSTURE |
EN 319 411-1 : 1.2.2 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 1: GENERAL REQUIREMENTS |
TS 102 731 : 1.1.1 | INTELLIGENT TRANSPORT SYSTEMS (ITS); SECURITY; SECURITY SERVICES AND ARCHITECTURE |
PD CEN ISO/TS 14441:2013 | Health informatics. Security and privacy requirements of EHR systems for use in conformity assessment |
CSA ISO/IEC 15945 : 2004 : R2012 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES |
UNE-EN 419211-6:2016 | Protection profiles for secure signature creation device - Part 6: Extension for device with key import and trusted channel to signature creation application |
DD IEC TS 62224 : DRAFT 2007 | MULTIMEDIA HOME SERVER SYSTEMS - CONCEPTUAL MODEL FOR DIGITAL RIGHTS MANAGEMENT |
PD CEN/TS 419221-4:2016 | Protection Profiles for TSP cryptographic modules Cryptographic module for CSP signing operations without backup |
PD CEN ISO/TS 17574:2017 | Electronic fee collection. Guidelines for security protection profiles |
UNI EN 419251-2 : 2013 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 2: PROTECTION PROFILE FOR EXTENSION FOR TRUSTED CHANNEL TO CERTIFICATE GENERATION APPLICATION |
IEC TR 62210:2003 | Power system control and associated communications - Data and communication security |
INCITS/ISO/IEC 15292 : 2001 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - PROTECTION PROFILE REGISTRATION PROCEDURES |
ARINC 664-5 : 2005 | AIRCRAFT DATA NETWORK - PART 5: NETWORK DOMAIN CHARACTERISTICS AND INTERCONNECTION |
INCITS/ISO/IEC 19792 : 2012 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY EVALUATION OF BIOMETRICS |
PD CEN ISO/TS 25110:2013 | Electronic fee collection. Interface definition for on-board account using integrated circuit card (ICC) |
TR 187 014 : 2.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); ESECURITY; USER GUIDE TO ETVRA WEB-DATABASE |
IEEE/ISO/IEC 15026-1-2014 | IEEE Standard Adoption of ISO/IEC 15026-1--Systems and Software Engineering--Systems and Software Assurance--Part 1: Concepts and Vocabulary |
I.S. EN 419211-2:2013 | PROTECTION PROFILES FOR SECURE SIGNATURE CREATION DEVICE - PART 2: DEVICE WITH KEY GENERATION |
ISO/IEC 15292:2001 | Information technology - Security techniques - Protection Profile registration procedures |
IEEE 1074-2006 | IEEE Standard for Developing a Software Project Life Cycle Process |
S.R. CEN/TR 16968:2016 | ELECTRONIC FEE COLLECTION - ASSESSMENT OF SECURITY MEASURES FOR APPLICATIONS USING DEDICATED SHORT-RANGE COMMUNICATION |
I.S. EN 419251-3:2013 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 3: ADDITIONAL FUNCTIONALITY FOR SECURITY TARGETS |
I.S. EN CWA 14172-5:2004 | EESSI CONFORMITY ASSESSMENT GUIDANCE - PART 5: SECURE SIGNATURE CREATION DEVICES |
I.S. EN 419251-1:2013 | SECURITY REQUIREMENTS FOR DEVICE FOR AUTHENTICATION - PART 1: PROTECTION PROFILE FOR CORE FUNCTIONALITY |
17/30357420 DC : 0 | BS EN 419241-2 - TRUSTWORTHY SYSTEMS SUPPORTING SERVER SIGNING - PART 2: PROTECTION PROFILE FOR QSCD FOR SERVER SIGNING |
TS 102 556 : 1.1.1 | TELECOMMUNICATIONS AND INTERNET CONVERGED SERVICES AND PROTOCOLS FOR ADVANCED NETWORKING (TISPAN); PROTECTION PROFILE |
CSA ISO/IEC TS 24748-1 : 2018 | SYSTEMS AND SOFTWARE ENGINEERING - LIFE CYCLE MANAGEMENT - PART 1: GUIDELINES FOR LIFE CYCLE MANAGEMENT |
BS EN ISO 25110:2017 | Electronic fee collection. Interface definition for on-board account using integrated circuit card (ICC) |
I.S. CR 14301:2002 | HEALTH INFORMATICS - FRAMEWORK FOR SECURITY PROTECTION OF HEALTHCARE COMMUNICATION |
I.S. CWA 14172-4:2004 | EESSI CONFORMITY ASSESSMENT GUIDANCE - PART 4: SIGNATURE CREATION APPLICATIONS AND GENERAL GUIDELINES FOR ELECTRONIC SIGNATURE VERIFICATION |
ISO/TR 11636:2009 | Health Informatics Dynamic on-demand virtual private network for health information infrastructure |
CEN/TS 419221-4:2016 | Protection Profiles for TSP cryptographic modules - Part 4: Cryptographic module for CSP signing operations without backup |
CEN/TS 419221-3:2016 | Protection Profiles for TSP Cryptographic modules - Part 3: Cryptographic module for CSP key generation services |
CEN ISO/TS 14907-1:2015 | Electronic fee collection - Test procedures for user and fixed equipment - Part 1: Description of test procedures (ISO/TS 14907-1:2015) |
CSA ISO/IEC 27003 : 2010 : R2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION GUIDANCE |
CSA ISO/IEC 27003 : 2010 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION GUIDANCE |
ISA 99.00.01 : 2007 | SECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS - PART 1: TERMINOLOGY, CONCEPTS, AND MODELS |
AS ISO 13491.1:2019 | Financial services - Secure cryptographic devices (retail) Concepts, requirements and evaluation methods |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
IEEE 610.12-1990 | IEEE Standard Glossary of Software Engineering Terminology |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
ISO/IEC 15292:2001 | Information technology - Security techniques - Protection Profile registration procedures |
ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
AS ISO 13491.2:2019 | Financial services - Secure cryptographic devices (retail) Security compliance checklists for devices used in financial transactions |
ISO/IEC TR 19791:2010 | Information technology Security techniques Security assessment of operational systems |
ISO/IEC TR 15446:2017 | Information technology Security techniques Guidance for the production of protection profiles and security targets |
ISO/IEC 18045:2008 | Information technology — Security techniques — Methodology for IT security evaluation |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.