ISO/IEC TR 15443-2:2005 信息技术-安全技术 IT安全的评价标准 第2部分： （质量）保证方法

标准编号：ISO/IEC TR 15443-2:2005

中文名称：信息技术-安全技术 IT安全的评价标准 第2部分： （质量）保证方法

英文名称：Information technology — Security techniques — A framework for IT security assurance — Part 2: Assurance methods

发布日期：2005-09

标准范围

ISO/IEC TR 15443-2:2005描述了各种IT安全保证方法和途径，并将其与ISO/IEC TR 15443-1中的IT安全保证框架相关联。重点是确定有助于保证的保证方法和要素的定性属性，并在可能的情况下定义保证评级。本材料旨在让IT安全专业人员了解如何在产品或服务的给定生命周期阶段获得保证。目的是描述和分类保证方法和方法，以便审查其可比性和协同性。这将有助于为给定的IT安全产品、系统或服务及其特定环境选择适当的保证方法或可能的保证方法组合。

ISO/IEC TR 15443-2:2005 describes a variety of IT security assurance methods and approaches and relates them to the IT security assurance framework in ISO/IEC TR 15443-1. The emphasis is to identify qualitative properties of the assurance methods and elements that contribute to assurance, and where possible, to define assurance ratings. This material is intended for IT security professionals for the understanding of how to obtain assurance in a given life-cycle stage of a product or service.The objective is to describe and categorize assurance methods and approaches in a manner enabling a review of their comparable and synergetic properties. This will facilitate selection of the appropriate assurance method or and possible combination of assurance methods for a given IT security product, system, or service and its specific environment.

标准预览图