UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ANSI - INCITS/ISO/IEC TR 19791

Information technology - Security techniques - Security assessment of operational systems (Technical Report)

active, Most Current
Buy Now
Organization: ANSI
Publication Date: 1 January 2006
Status: active
Page Count: 174
scope:

This Technical Report provides guidance and criteria for the security evaluation of operational systems. It provides an extension to the scope of ISO/IEC 15408, by taking into account a number of critical aspects of operational systems not addressed in ISO/IEC 15408 evaluation. The principal extensions that are required address evaluation of the operational environment surrounding the TOE, and the decomposition of complex operational systems into security domains that can be separately evaluated.

This Technical Report provides

a) a definition and model for operational systems;

b) a description of the extensions to ISO/IEC 15408 evaluation concepts needed to evaluate such operational systems;

c) a methodology and process for performing the security evaluation of operational systems;

d) additional security evaluation criteria to address those aspects of operational systems not covered by the ISO/IEC 15408 evaluation criteria.

This Technical Report permits the incorporation of security products evaluated against ISO/IEC 15408 into operational systems evaluated as a whole using this Technical Report.

This Technical Report is limited to the security evaluation of operational systems and does not consider other forms of system assessment. It does not define techniques for the identification, assessment and acceptance of operational risk.

Document History

INCITS/ISO/IEC TR 19791
January 1, 2006
Information technology - Security techniques - Security assessment of operational systems (Technical Report)
This Technical Report provides guidance and criteria for the security evaluation of operational systems. It provides an extension to the scope of ISO/IEC 15408, by taking into account a number of...

References

Advertisement