ISO/IEC TR 19791-2006 信息技术.安全技术.操作系统的安全评定
作者:标准资料网 时间:2024-05-18 13:30:05 浏览:8383
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Informationtechnology-Securitytechniques-Securityassessmentofoperationalsystems
【原文标准名称】:信息技术.安全技术.操作系统的安全评定
【标准号】:ISO/IECTR19791-2006
【标准状态】:作废
【国别】:国际
【发布日期】:2006-05
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1/SC27
【标准类型】:()
【标准水平】:()
【中文主题词】:担保程序;数据交换;数据处理;数据保护;数据安全;数据传输;定义;信息交换;信息技术;信心度;使用特性;操作系统;操作系统(计算机);操作安全;可靠度;可靠性保证;安全;安全要求;规范(验收)
【英文主题词】:Assuranceprogrammes;Dataexchange;Dataprocessing;Dataprotection;Datasecurity;Datatransmission;Definitions;Informationinterchange;Informationtechnology;Levelofconfidence;Operatingproperties;Operatingsystems;Operatingsystems(computers);Operationalsafety;Reliability;Reliabilityassurance;Safety;Safetyrequirements;Specification(approval)
【摘要】:ThisTechnicalReportprovidesguidanceandcriteriaforthesecurityevaluationofoperationalsystems.ItprovidesanextensiontothescopeofISO/IEC15408,bytakingintoaccountanumberofcriticalaspectsofoperationalsystemsnotaddressedinISO/IEC15408evaluation.TheprincipalextensionsthatarerequiredaddressevaluationoftheoperationalenvironmentsurroundingtheTOE,andthedecompositionofcomplexoperationalsystemsintosecuritydomainsthatcanbeseparatelyevaluated.ThisTechnicalReportprovidesa)adefinitionandmodelforoperationalsystems;b)adescriptionoftheextensionstoISO/IEC15408evaluationconceptsneededtoevaluatesuchoperationalsystems;c)amethodologyandprocessforperformingthesecurityevaluationofoperationalsystems;d)additionalsecurityevaluationcriteriatoaddressthoseaspectsofoperationalsystemsnotcoveredbytheISO/IEC15408evaluationcriteria.ThisTechnicalReportpermitstheincorporationofsecurityproductsevaluatedagainstISO/IEC15408intooperationalsystemsevaluatedasawholeusingthisTechnicalReport.ThisTechnicalReportislimitedtothesecurityevaluationofoperationalsystemsanddoesnotconsiderotherformsofsystemassessment.Itdoesnotdefinetechniquesfortheidentification,assessmentandacceptanceofoperationalrisk.
【中国标准分类号】:L70
【国际标准分类号】:35_040
【页数】:165P.;A4
【正文语种】:英语
【原文标准名称】:信息技术.安全技术.操作系统的安全评定
【标准号】:ISO/IECTR19791-2006
【标准状态】:作废
【国别】:国际
【发布日期】:2006-05
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1/SC27
【标准类型】:()
【标准水平】:()
【中文主题词】:担保程序;数据交换;数据处理;数据保护;数据安全;数据传输;定义;信息交换;信息技术;信心度;使用特性;操作系统;操作系统(计算机);操作安全;可靠度;可靠性保证;安全;安全要求;规范(验收)
【英文主题词】:Assuranceprogrammes;Dataexchange;Dataprocessing;Dataprotection;Datasecurity;Datatransmission;Definitions;Informationinterchange;Informationtechnology;Levelofconfidence;Operatingproperties;Operatingsystems;Operatingsystems(computers);Operationalsafety;Reliability;Reliabilityassurance;Safety;Safetyrequirements;Specification(approval)
【摘要】:ThisTechnicalReportprovidesguidanceandcriteriaforthesecurityevaluationofoperationalsystems.ItprovidesanextensiontothescopeofISO/IEC15408,bytakingintoaccountanumberofcriticalaspectsofoperationalsystemsnotaddressedinISO/IEC15408evaluation.TheprincipalextensionsthatarerequiredaddressevaluationoftheoperationalenvironmentsurroundingtheTOE,andthedecompositionofcomplexoperationalsystemsintosecuritydomainsthatcanbeseparatelyevaluated.ThisTechnicalReportprovidesa)adefinitionandmodelforoperationalsystems;b)adescriptionoftheextensionstoISO/IEC15408evaluationconceptsneededtoevaluatesuchoperationalsystems;c)amethodologyandprocessforperformingthesecurityevaluationofoperationalsystems;d)additionalsecurityevaluationcriteriatoaddressthoseaspectsofoperationalsystemsnotcoveredbytheISO/IEC15408evaluationcriteria.ThisTechnicalReportpermitstheincorporationofsecurityproductsevaluatedagainstISO/IEC15408intooperationalsystemsevaluatedasawholeusingthisTechnicalReport.ThisTechnicalReportislimitedtothesecurityevaluationofoperationalsystemsanddoesnotconsiderotherformsofsystemassessment.Itdoesnotdefinetechniquesfortheidentification,assessmentandacceptanceofoperationalrisk.
【中国标准分类号】:L70
【国际标准分类号】:35_040
【页数】:165P.;A4
【正文语种】:英语
下载地址: 点击此处下载