TOLL FREE · 1-888-361-0003  Our Customer Support is ready to help!
Search
Canada's best source for construction industry publications.
My Cart
(
Menu
Shop By:
Codes and Guides
Building
Concrete
Electrical
Fire
On-Site Sewage
Plumbing and HVAC
Standards
CFAA Training
Fire Alarm Technician Training Program
Continuing Education
Programme de formation de technicien en alarme incendie
Exam Prep
BCIN
Red Seal
Master Electrician
Continuing Education
Building
Concrete
Electrical
Fire
On-Site Sewage
Plumbing and HVAC
Account
  • Home
  • Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model (Adopted ISO/IEC 15408-1:2009, third edition, 2009-12-15)
main product photo
Formats Available: Online, Print
Product Overview

CAN/CSA-ISO/IEC 15408-1-10 (R2015)

CSA Group Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model (Adopted ISO/IEC 15408-1:2009, third edition, 2009-12-15)

Total
As low as $204.00
Select Format Required

More About This Product

Description
Preface Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). This Standard supersedes CAN/CSA-ISO/IEC 15408-1-06 (adoption of ISO/IEC 15408-1:2005, second addition, 2005-10-01). At the time of publication, ISO/IEC 15408-1:2009 is available from ISO and IEC in English only. CSA will publish the French version when it becomes available from ISO and IEC. Scope This part of ISO/IEC 15408 establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the International Standard which in its entirety is meant to be used as the basis for evaluation of security properties of IT products. It provides an overview of all parts of ISO/IEC 15408. It describes the various parts of the standard; defines the terms and abbreviations to be used in all parts of the International Standard; establishes the core concept of a Target of Evaluation (TOE); the evaluation context; and describes the audience to which the evaluation criteria are addressed. An introduction to the basic security concepts necessary for evaluation of IT products is given. It defines the various operations by which the functional and assurance components given in ISO/IEC 15408-2 and ISO/IEC 15408-3 may be tailored through the use of permitted operations. The key concepts of protection profiles (PP), packages of security requirements and the topic of conformance are specified and the consequences of evaluation and evaluation results are described. This part of ISO/IEC 15408 gives guidelines for the specification of Security Targets (ST) and provides a description of the organization of components throughout the model. General information about the evaluation methodology is given in ISO/IEC 18045 and the scope of evaluation schemes is provided.  
Preface Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). This Standard supersedes CAN/CSA-ISO/IEC 15408-1-06 (adoption of ISO/IEC 15408-1:2005, second addition, 2005-10-01). At the time of publication, ISO/IEC 15408-1:2009 is available from ISO and IEC in English only. CSA will publish the French version when it becomes available from ISO and IEC. Scope This part of ISO/IEC 15408 establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the International Standard which in its entirety is meant to be used as the basis for evaluation of security properties of IT products. It provides an overview of all parts of ISO/IEC 15408. It describes the various parts of the standard; defines the terms and abbreviations to be used in all parts of the International Standard; establishes the core concept of a Target of Evaluation (TOE); the evaluation context; and describes the audience to which the evaluation criteria are addressed. An introduction to the basic security concepts necessary for evaluation of IT products is given. It defines the various operations by which the functional and assurance components given in ISO/IEC 15408-2 and ISO/IEC 15408-3 may be tailored through the use of permitted operations. The key concepts of protection profiles (PP), packages of security requirements and the topic of conformance are specified and the consequences of evaluation and evaluation results are described. This part of ISO/IEC 15408 gives guidelines for the specification of Security Targets (ST) and provides a description of the organization of components throughout the model. General information about the evaluation methodology is given in ISO/IEC 18045 and the scope of evaluation schemes is provided.