Definition of Evaluation Assurance Level for ISO/IEC 19791 (Security Assessment of Operational Systems)

ISO/IEC 19791 that is evaluation scheme of information security operational system, is not defined Evaluation-Assurance-Level (i.e., EAL) like ISO/IEC 15408 (i.e., Common Criteria, CC) that is evaluation scheme of information security product. In this paper, ISO/IEC 19791 that is evaluation and certification on operational system defined EAL, from ELA 1 up to EAL 7. And ISO/IEC 19791 calculated relative rate of evaluation effort of each EAL. Information security scheme (i.e., TCSEC, ITSEC and CC) of 'Product' level defined EAL, from EAL 1 up to EAL 7. And Information security scheme (i.e., CMVP) of 'Cryptographic modules' level defined EAL, from EAL 1 up to EAL 4. Also, Information security scheme (i.e., SSE-CMM) of 'Process' level defined EAL, from EAL 1 up to EAL 5.

Provided by: Science and Development Network (SciDev.Net) Topic: Security Date Added: Oct 2011 Format: PDF

Find By Topic