Security Case and Design Good Practice

Get Revising

Created by: Kath_Siobhan
Created on: 16-10-18 15:38

Framework Core Functions

Identify - Protect - Detect - Respond - Recover

1 of 16

Framework Implementation Tiers

1 - Partial 2 - Risk Informed 3 - Repeatable 4 - Adaptive

2 of 16

Control Set of TL0

None

3 of 16

Control Set of TL1

TS Essentials

4 of 16

Control Set of TL2

Baseline TS Controls

5 of 16

Control Set of TL3

TS Framework

6 of 16

Control Set of TL4

Comprehensive TS Controls

7 of 16

Trustworthiness Facets

Safety Reliability Availability Resilience Security

8 of 16

TS Essentials (Subset Of TS Framework)

Scope for Use Coding Practices Use Tools Effectively Defect Management Artifact Management

9 of 16

Common Criteria

The International Standard for computer security verification. Standardised as ISO 15408. It is the framework in which the security claims about a product can be independently verified.

10 of 16

Target of Evaluation (TOE)

System or Product that is the subject of evaluation

11 of 16

Protection Profile

A document identifying security requirements relevant to those users.

12 of 16

Security Target

Document Identifying security properties of TOE

13 of 16

Security Functional Requirements (SFRs)

Individual security functions provided by a product

14 of 16

Security Assurance Requirements (SARs)

Descriptions of the measures taken during development and evaluation of the product to assure compliance with the claimed security functionality.

15 of 16

Evaluation Assurance Level (EAL)

Numerical rating describing the depth and rigor of an evaluation

16 of 16

Other cards in this set

Card 2

Front

Framework Implementation Tiers

Back

1 - Partial 2 - Risk Informed 3 - Repeatable 4 - Adaptive

Card 3

Front

Control Set of TL0

Back

Card 4

Front

Control Set of TL1

Back

Card 5

Front

Control Set of TL2

Back

View more cards

Get Revising

Security Case and Design Good Practice