Verfügbarkeit: Using the common criteria for IT security evaluation

Using the common criteria for IT security evaluation:

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Herrmann, Debra S. (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Boca Raton, Fla. [u.a.] Auerbach c2003
Schlagworte:	Telecommunication > Security measures > Standards Telecommunication > Security measures > Evaluation Computer security > Standards Information technology > Standards Telekommunikationsnetz Datensicherung Computersicherheit Messung Evaluation Numerisches Gitter
Online-Zugang:	Publisher description Inhaltsverzeichnis
Beschreibung:	XVI, 288 S. graph. Darst.
ISBN:	0849314046

Internformat

MARC


LEADER	00000nam a2200000zc 4500
001	BV035693890
003	DE-604
005	20091006
007	t
008	090825s2003 xxud\|\|\| \|\|\|\| 00\|\|\| eng d
010			\|a 2002033250
020			\|a 0849314046 \|c alk. paper \|9 0-8493-1404-6
035			\|a (OCoLC)50561866
035			\|a (DE-599)BVBBV035693890
040			\|a DE-604 \|b ger \|e aacr
041	0		\|a eng
044			\|a xxu \|c US
049			\|a DE-355 \|a DE-473
050		0	\|a TK5102.85
082	0		\|a 005.8
084			\|a ST 276 \|0 (DE-625)143642: \|2 rvk
100	1		\|a Herrmann, Debra S. \|e Verfasser \|4 aut
245	1	0	\|a Using the common criteria for IT security evaluation \|c Debra S. Herrmann
264		1	\|a Boca Raton, Fla. [u.a.] \|b Auerbach \|c c2003
300			\|a XVI, 288 S. \|b graph. Darst.
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650		4	\|a Telecommunication \|x Security measures \|x Standards
650		4	\|a Telecommunication \|x Security measures \|x Evaluation
650		4	\|a Computer security \|x Standards
650		4	\|a Information technology \|x Standards
650	0	7	\|a Telekommunikationsnetz \|0 (DE-588)4133586-7 \|2 gnd \|9 rswk-swf
650	0	7	\|a Datensicherung \|0 (DE-588)4011144-1 \|2 gnd \|9 rswk-swf
650	0	7	\|a Computersicherheit \|0 (DE-588)4274324-2 \|2 gnd \|9 rswk-swf
650	0	7	\|a Messung \|0 (DE-588)4038852-9 \|2 gnd \|9 rswk-swf
650	0	7	\|a Evaluation \|0 (DE-588)4071034-8 \|2 gnd \|9 rswk-swf
650	0	7	\|a Numerisches Gitter \|0 (DE-588)4286867-1 \|2 gnd \|9 rswk-swf
689	0	0	\|a Telekommunikationsnetz \|0 (DE-588)4133586-7 \|D s
689	0	1	\|a Numerisches Gitter \|0 (DE-588)4286867-1 \|D s
689	0	2	\|a Computersicherheit \|0 (DE-588)4274324-2 \|D s
689	0	3	\|a Datensicherung \|0 (DE-588)4011144-1 \|D s
689	0	4	\|a Messung \|0 (DE-588)4038852-9 \|D s
689	0	5	\|a Evaluation \|0 (DE-588)4071034-8 \|D s
689	0		\|C b \|5 DE-604
856	4		\|u http://www.loc.gov/catdir/enhancements/fy0646/2002033250-d.html \|3 Publisher description
856	4	2	\|m Digitalisierung UB Regensburg \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017747923&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-017747923

Datensatz im Suchindex

_version_	1804139406573961216
adam_text	Table of Contents List of Exhibits .........................................................................................................................xiii Chapter 1 Introduction ........................................................................1 1.0 Background ..............................................................................................................1 1.1 Purpose .....................................................................................................................2 1.2 Scope ........................................................................................................................2 1.3 Intended Audience ..................................................................................................2 1.4 Organization .............................................................................................................2 Chapter 2 What Are the Common Criteria? ...........................................5 2.0 History ......................................................................................................................5 2.1 Purpose and Intended Use ...................................................................................10 2.2 Major Components of the Methodology and How They Work ........................12 2.2.1 The CC ............................................................................................................12 2.2.2 The CEM .........................................................................................................32 2.3 Relationship to Other Standards ........................................................................... 33 2.4 CC User Community and Stakeholders ...............................................................44 2.5 Future of the CC .................................................................................................... 47 2.6 Summary .................................................................................................................54 2.7 Discussion Problems .............................................................................................56 Chapter 3 Specifying Security Requirements: The Protection Profile .............................................................57 3.0 Purpose ................................................................................................................... 57 3.1 Structure .................................................................................................................. 60 3.2 Section 1: Introduction ..........................................................................................62 3.2.1 PP Identification ............................................................................................. 63 3.2.2 PP Overview ................................................................................................... 63 3.3 Section 2: TOE Description ................................................................................... 67 3.3.1 General Functionality ..................................................................................... 67 3.3.2 TOE Boundaries ............................................................................................. 70 3.4 Section 3: TOE Security Environment .................................................................73 3.4.1 Assumptions ...................................................................................................73 ix 3.4.2 Threats ............................................................................................................74 3.4.3 Organizational Security Policies ....................................................................76 3.5 Section 4: Security Objectives ..............................................................................79 3.6 Section 5: Security Requirements .........................................................................86 3.6.1 Security Functional Requirements (SFRs) ..................................................... 89 3.6.2 Security Assurance Requirements (SARs) ...................................................105 3.6.3 Security Requirements for the IT Environment .........................................113 3.6.4 Security Requirements for the Νοη-ΓΓ Environment ................................117 3.7 Section 6: PP Application Notes ........................................................................118 3.8 Section 7: Rationale ............................................................................................. 118 3.8.1 Security Objectives Rationale ......................................................................119 3.8.2 Security Requirements Rationale ................................................................120 3.9 Summary ...............................................................................................................121 3.10 Discussion Problems .......................................................................................... 123 Chapter 4 Designing a Security Architecture: The Security Target ...................................................................125 ^Purpose .................................................................................................................125 4.1 Structure .................................................................................................................127 4.2 Section 1: Introduction .........................................................................................131 4.2.1 ST Identification ...........................................................................................131 4.2.2 ST Overview ................................................................................................. 132 4.3 Section 2: TOE Description ..................................................................................133 4.3.1 System Type .................................................................................................134 4.3-2 Architecture ..................................................................................................134 4.3.3 Security Boundaries .....................................................................................135 4.4 Section 3: Security Environment ..........................................................................136 4.4.1 Assumptions .................................................................................................136 4.4.2 Threats ..........................................................................................................138 4.4.3 Organizational Security Policies ..................................................................139 4.5 Section 4: Security Objectives ..............................................................................139 4.6 Section 5: Security Requirements .........................................................................142 4.6.1 Security Functional Requirements (SFRs) ..................................................142 4.6.2 Security Assurance Requirements (SARs) ....................................................147 4.6.3 Security Requirements for the ΓΓ Environment .........................................147 4.6.4 Security Requirements for the Non-IT Environment ................................. 149 4.7 Section 6: Summary Specification ........................................................................150 4.7.1 TOE Security Functions ...............................................................................150 4.7.2 Security Assurance Measures ......................................................................155 4.8 Section 7: PP Claims .............................................................................................156 4.8.1 PP Reference ................................................................................................. I56 4.8.2 PP Tailoring ....................................,.............................................................158 4.8.3 PP Additions ................................................................................................. 158 4.9 Section 8: Rationale ..............................................................................................158 4.9.I Security Objectives Rationale ...................................................................... I6O 4.9-2 Security Requirements Rationale ................................................................. I60 4.9.З TOE Summary Specification Rationale ........................................................167 4.9-4 PP Claims Rationale ..................................................................................... I69 4.10 Summary .............................................................................................................. I70 4.11 Discussion Problems .......................................................................................... I73 Table of Contents xi Chapter 5 Verifying a Security Solution: Security Assurance Activities ..............................................................175 5.0 Purpose .................................................................................................................175 5.1 КОЛЕС 15408-3 ..................................................................................................178 5.1.1 EALs ..............................................................................................................179 5.1.2 PP Evaluation ...............................................................................................200 5.1.3 ST Evaluation ...............................................................................................202 5.1.4 TOE Evaluation ............................................................................................204 5.1.5 Maintenance of Assurance Evaluation ........................................................ 206 5.2 Common Evaluation Methodology (СЕМ) ........................................................ 209 5.3 National Evaluation Schemes ..............................................................................217 5.4 Interpretation of Results ......................................................................................225 5.5 Relation to Security Certification and Accreditation Activities (C&A) ............. 228 5.6 Summary ...............................................................................................................232 5.7 Discussion Problems ...........................................................................................233 Chapter 6 Postscript ..................................................................................235 6.0 ASE: Security Target Evaluation .......................................................................... 235 6.1 AVA: Vulnerability Analysis and Penetration Testing ........................................236 6.2 Services Contracts ................................................................................................237 6.3 Schedules for New CC Standards (КОЛЕС and CCIMB) ................................237 Annex A: Glossary of Acronyms and Terms .........................................239 Annex B: Additional Resources ...............................................................253 Standards, Regulations, and Policy ...........................................................................253 Historical ................................................................................................................253 Current ...................................................................................................................254 Publications ................................................................................................................. 257 Online Resources .......................................................................................................258 Annex C: Common Criteria Recognition Agreement (CCRA) Participants .................................................................261 Australia and New Zealand .......................................................................................262 Canada ........................................................................................................................ 262 Finland ......................................................................................................................... 262 France .......................................................................................................................... 263 Germany ...................................................................................................................... 263 Greece ......................................................................................................................... 263 Israel ............................................................................................................................263 Italy .............................................................................................................................264 The Netherlands ......................................................................................................... 264 Norway ........................................................................................................................ 264 Spain ............................................................................................................................ 264 Sweden .......................................................................................................................265 United Kingdom ......................................................................................................... 2б5 United States ............................................................................................................... 265 XII Annex D: Accredîted Common Criteria Testing Labs .........................267 Australia and New Zealand .......................................................................................267 Canada ......................................................................................................................... 268 France ...........................................................................................................................269 Germany ...................................................................................................................... 270 United Kingdom .........................................................................................................271 United States ...............................................................................................................273 Annex E: Accredited Cryptographic Module Testing Laboratories .....275 Canada ......................................................................................................................... 275 United States ............................................................................................................... 276 Annex F: Glossary of Classes and Families ..........................................279 Index ............................................................................................................283
any_adam_object	1
author	Herrmann, Debra S.
author_facet	Herrmann, Debra S.
author_role	aut
author_sort	Herrmann, Debra S.
author_variant	d s h ds dsh
building	Verbundindex
bvnumber	BV035693890
callnumber-first	T - Technology
callnumber-label	TK5102
callnumber-raw	TK5102.85
callnumber-search	TK5102.85
callnumber-sort	TK 45102.85
callnumber-subject	TK - Electrical and Nuclear Engineering
classification_rvk	ST 276
ctrlnum	(OCoLC)50561866 (DE-599)BVBBV035693890
dewey-full	005.8
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.8
dewey-search	005.8
dewey-sort	15.8
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02229nam a2200541zc 4500</leader><controlfield tag="001">BV035693890</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20091006 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">090825s2003 xxud\|\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="a">2002033250</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0849314046</subfield><subfield code="c">alk. paper</subfield><subfield code="9">0-8493-1404-6</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)50561866</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV035693890</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">aacr</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="044" ind1=" " ind2=" "><subfield code="a">xxu</subfield><subfield code="c">US</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-355</subfield><subfield code="a">DE-473</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">TK5102.85</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 276</subfield><subfield code="0">(DE-625)143642:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Herrmann, Debra S.</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Using the common criteria for IT security evaluation</subfield><subfield code="c">Debra S. Herrmann</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Boca Raton, Fla. [u.a.]</subfield><subfield code="b">Auerbach</subfield><subfield code="c">c2003</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XVI, 288 S.</subfield><subfield code="b">graph. Darst.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Telecommunication</subfield><subfield code="x">Security measures</subfield><subfield code="x">Standards</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Telecommunication</subfield><subfield code="x">Security measures</subfield><subfield code="x">Evaluation</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer security</subfield><subfield code="x">Standards</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Information technology</subfield><subfield code="x">Standards</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Telekommunikationsnetz</subfield><subfield code="0">(DE-588)4133586-7</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Messung</subfield><subfield code="0">(DE-588)4038852-9</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Evaluation</subfield><subfield code="0">(DE-588)4071034-8</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Numerisches Gitter</subfield><subfield code="0">(DE-588)4286867-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Telekommunikationsnetz</subfield><subfield code="0">(DE-588)4133586-7</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Numerisches Gitter</subfield><subfield code="0">(DE-588)4286867-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="3"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="4"><subfield code="a">Messung</subfield><subfield code="0">(DE-588)4038852-9</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="5"><subfield code="a">Evaluation</subfield><subfield code="0">(DE-588)4071034-8</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="C">b</subfield><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2=" "><subfield code="u">http://www.loc.gov/catdir/enhancements/fy0646/2002033250-d.html</subfield><subfield code="3">Publisher description</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Regensburg</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017747923&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-017747923</subfield></datafield></record></collection>
id	DE-604.BV035693890
illustrated	Illustrated
indexdate	2024-07-09T21:43:35Z
institution	BVB
isbn	0849314046
language	English
lccn	2002033250
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-017747923
oclc_num	50561866
open_access_boolean
owner	DE-355 DE-BY-UBR DE-473 DE-BY-UBG
owner_facet	DE-355 DE-BY-UBR DE-473 DE-BY-UBG
physical	XVI, 288 S. graph. Darst.
publishDate	2003
publishDateSearch	2003
publishDateSort	2003
publisher	Auerbach
record_format	marc
spelling	Herrmann, Debra S. Verfasser aut Using the common criteria for IT security evaluation Debra S. Herrmann Boca Raton, Fla. [u.a.] Auerbach c2003 XVI, 288 S. graph. Darst. txt rdacontent n rdamedia nc rdacarrier Telecommunication Security measures Standards Telecommunication Security measures Evaluation Computer security Standards Information technology Standards Telekommunikationsnetz (DE-588)4133586-7 gnd rswk-swf Datensicherung (DE-588)4011144-1 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Messung (DE-588)4038852-9 gnd rswk-swf Evaluation (DE-588)4071034-8 gnd rswk-swf Numerisches Gitter (DE-588)4286867-1 gnd rswk-swf Telekommunikationsnetz (DE-588)4133586-7 s Numerisches Gitter (DE-588)4286867-1 s Computersicherheit (DE-588)4274324-2 s Datensicherung (DE-588)4011144-1 s Messung (DE-588)4038852-9 s Evaluation (DE-588)4071034-8 s b DE-604 http://www.loc.gov/catdir/enhancements/fy0646/2002033250-d.html Publisher description Digitalisierung UB Regensburg application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017747923&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Herrmann, Debra S. Using the common criteria for IT security evaluation Telecommunication Security measures Standards Telecommunication Security measures Evaluation Computer security Standards Information technology Standards Telekommunikationsnetz (DE-588)4133586-7 gnd Datensicherung (DE-588)4011144-1 gnd Computersicherheit (DE-588)4274324-2 gnd Messung (DE-588)4038852-9 gnd Evaluation (DE-588)4071034-8 gnd Numerisches Gitter (DE-588)4286867-1 gnd
subject_GND	(DE-588)4133586-7 (DE-588)4011144-1 (DE-588)4274324-2 (DE-588)4038852-9 (DE-588)4071034-8 (DE-588)4286867-1
title	Using the common criteria for IT security evaluation
title_auth	Using the common criteria for IT security evaluation
title_exact_search	Using the common criteria for IT security evaluation
title_full	Using the common criteria for IT security evaluation Debra S. Herrmann
title_fullStr	Using the common criteria for IT security evaluation Debra S. Herrmann
title_full_unstemmed	Using the common criteria for IT security evaluation Debra S. Herrmann
title_short	Using the common criteria for IT security evaluation
title_sort	using the common criteria for it security evaluation
topic	Telecommunication Security measures Standards Telecommunication Security measures Evaluation Computer security Standards Information technology Standards Telekommunikationsnetz (DE-588)4133586-7 gnd Datensicherung (DE-588)4011144-1 gnd Computersicherheit (DE-588)4274324-2 gnd Messung (DE-588)4038852-9 gnd Evaluation (DE-588)4071034-8 gnd Numerisches Gitter (DE-588)4286867-1 gnd
topic_facet	Telecommunication Security measures Standards Telecommunication Security measures Evaluation Computer security Standards Information technology Standards Telekommunikationsnetz Datensicherung Computersicherheit Messung Evaluation Numerisches Gitter
url	http://www.loc.gov/catdir/enhancements/fy0646/2002033250-d.html http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017747923&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT herrmanndebras usingthecommoncriteriaforitsecurityevaluation

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge