Pdf — Iso Iec 15408

How the system knows who a user is. Part 3: Security Assurance Components

The back of Part 2 and Part 3 contain cross-reference tables. If you have a requirement from a customer (e.g., "We need FDP_ACC.2"), the annex tells you which page number to flip to. iso iec 15408 pdf

ISO/IEC 15408, widely known as the , is the international standard for evaluating the security functionality and assurance of IT products and systems. The standard provides a framework for consumers to specify security requirements and for developers to have their products independently evaluated. Structure of ISO/IEC 15408 (2022 Edition) How the system knows who a user is

The lab performs independent functional testing based on the ST you wrote. They also conduct penetration testing to ensure no obvious "back doors" exist. The PDF (Part 2) lists specific tests for functions like "FAU_GEN.1" (Audit data generation). ISO/IEC 15408, widely known as the , is

– Catalogs requirements for security behavior, such as access control, cryptography, and audit capabilities.

The primary goal of ISO/IEC 15408 is to provide confidence to consumers that a product's security features—whether implemented in hardware, software, or firmware—meet specific, documented requirements. Unlike , which focuses on an organization's overall management processes, ISO/IEC 15408 is strictly product-oriented . The Five Parts of ISO/IEC 15408:2022