ISO/IEC 15408-3:2008 信息技术 安全技术 IT安全的评估准则 第3部分：安全保证组件

标准编号：ISO/IEC 15408-3:2008

中文名称：信息技术 安全技术 IT安全的评估准则 第3部分：安全保证组件

英文名称：Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components

发布日期：2008-08

标准范围

ISO/IEC 15408-3:20 08定义了评价标准的保证要求。它包括定义用于测量评估组件目标（TOE）的保证的尺度的评估保证级别、定义用于测量组合TOE的保证的尺度的组合保证包、组成保证级别和包的单个保证组件以及保护配置文件和安全目标的评估标准。ISO/IEC 15408-3:20 08以保证类别、族和组件的形式定义了保证要求的内容和表述，并为新保证要求的组织提供了指导。保证族中的保证组件按层次顺序呈现。

ISO/IEC 15408-3:2008 defines the assurance requirements of the evaluation criteria. It includes the evaluation assurance levels that define a scale for measuring assurance for component targets of evaluation (TOEs), the composed assurance packages that define a scale for measuring assurance for composed TOEs, the individual assurance components from which the assurance levels and packages are composed, and the criteria for evaluation of protection profiles and security targets.

ISO/IEC 15408-3:2008 defines the content and presentation of the assurance requirements in the form of assurance classes, families and components and provides guidance on the organization of new assurance requirements. The assurance components within the assurance families are presented in a hierarchical order.

标准预览图