By mastering this standard, you stop relying on vague promises of "security" and start speaking the global language of IT trust.
The primary objective of ISO/IEC 15408 is to bridge the gap between the security needs of consumers and the security implementations provided by developers. Before the adoption of the Common Criteria, security evaluations were often fragmented, with different standards applying in different countries. ISO/IEC 15408 harmonized these requirements, allowing a product certified in one participating country to be recognized in others. This mutual recognition saves time, reduces costs, and increases confidence in IT security products globally.
Visual review of specifications; basic functional testing. iso iec 15408 pdf
– Outlines measures to ensure security functions are implemented correctly, including development and testing procedures.
Assurance components are presented within a hierarchical order of assurance classes, families, and components, and guidance is provided on the organization of new assurance requirements. By mastering this standard, you stop relying on
A numerical scale (1–7) representing the depth and rigor of the product evaluation. Demystifying Evaluation Assurance Levels (EAL)
ISO/IEC 15408 is an international standard that provides a framework for evaluating the security properties of IT products and systems. It allows vendors to claim security functionalities and provides a rigorous methodology for independent testing, ensuring that products meet specific security requirements. – Outlines measures to ensure security functions are
ISO/IEC 15408 is a framework that allows IT products to be evaluated against a set of rigorously tested security requirements. It originated from several legacy standards and was developed to create a globally recognized security assurance framework. Key Goals of ISO/IEC 15408
The Security Target is the document produced by a vendor that identifies the specific security features and claims for their product, along with the claims of assurance that the evaluation will confirm.
Disclaimer: This article is for informational purposes. Standard documents are subject to copyright laws. Always verify you are downloading the latest revision (currently version 3.1 revision 5 or newer) from official sources.
An authorized security testing laboratory evaluates the product against the ST and the ISO/IEC 15408 standards.