UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

CSA ISO/IEC TS 19608

Guidance for developing security and privacy functional requirements based on ISO/IEC 15408

active, Most Current
Buy Now
Organization: CSA
Publication Date: 1 January 2019
Status: active
Page Count: 66
ICS Code (IT Security): 35.030
scope:

This document provides guidance for:

- selecting and specifying security functional requirements (SFRs) from ISO/IEC 15408-2 to protect Personally Identifiable Information (PII);

- the procedure to define both privacy and security functional requirements in a coordinated manner; and

- developing privacy functional requirements as extended components based on the privacy principles defined in ISO/IEC 29100 through the paradigm described in ISO/IEC 15408-2.

The intended audience for this document are:

- developers who implement products or systems that deal with PII and want to undergo a security evaluation of those products using ISO/IEC 15408. They will get guidance how to select security functional requirements for the Security Target of their product or system that map to the privacy principles defined in ISO/IEC 29100;

- authors of Protection Profiles that address the protection of PII; and

- evaluators that use ISO/IEC 15408 and ISO/IEC 18045 for a security evaluation.

This document is intended to be fully consistent with ISO/IEC 15408; however, in the event of any inconsistency between this document and ISO/IEC 15408, the latter, as a normative standard, takes precedence.

Document History

CSA ISO/IEC TS 19608
January 1, 2019
Guidance for developing security and privacy functional requirements based on ISO/IEC 15408
This document provides guidance for: — selecting and specifying security functional requirements (SFRs) from ISO/IEC 15408-2 to protect Personally Identifiable Information (PII); — the procedure to...

References

Advertisement