The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408)...
30 KB (3,747 words) - 04:30, 19 September 2024
Orange book was replaced by the International Common Criteria for Information Technology Security Evaluation. On 24 October 2002, The Orange Book (aka DoDD...
18 KB (2,101 words) - 21:38, 25 February 2024
Common Criteria for Information Technology Security Evaluation, version 3.1 Part 1 (called CC 3.1 or CC) defines the Security Target (ST) as an...
5 KB (663 words) - 08:18, 1 March 2024
international standard for computer security certification, referred to as the Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408)...
8 KB (834 words) - 20:44, 18 January 2022
implementation, and post-evaluation. Pre-evaluation: to identify the awareness of information security within employees and to analyze current security policy. Strategic...
192 KB (22,189 words) - 21:14, 26 September 2024
Assurance Partnership (NIAP) to evaluate security functionality of an information technology with conformance to the Common Criteria international standard. The...
4 KB (452 words) - 10:56, 17 September 2024
Risk (redirect from Risk criteria)
(business, economics, environment, finance, information technology, health, insurance, safety, security etc). This article provides links to more detailed...
86 KB (10,467 words) - 10:14, 12 September 2024
Security information and event management (SIEM) is a field within computer security that combines security information management (SIM) and security...
27 KB (2,936 words) - 18:18, 9 September 2024
ITSEC (redirect from Information Technology Security Evaluation Criteria)
The Information Technology Security Evaluation Criteria (ITSEC) is a structured set of criteria for evaluating computer security within products and systems...
4 KB (414 words) - 23:32, 19 May 2024
Computer security (also cybersecurity, digital security, or information technology (IT) security) is the protection of computer software, systems and...
219 KB (22,241 words) - 08:05, 26 September 2024
Printer Working Group (category Information technology organizations)
"Imaging Device Security workgroup". Printer Working Group. "Common Criteria for Information Technology Security Evaluation (CC)". Common Criteria Portal. "Hardcopy...
6 KB (680 words) - 17:26, 8 August 2023
IT risk management (redirect from Information risk management)
risk management is the application of risk management methods to information technology in order to manage IT risk. Various methodologies exist to manage...
19 KB (1,844 words) - 12:47, 12 September 2024
Scheme Publication #4 Common Criteria Evaluation and Validation Scheme for Information Technology Security — Guidance to Common Criteria Testing Laboratories...
7 KB (839 words) - 03:02, 26 April 2022
Separation kernel (category All articles with bare URLs for citations)
High Robustness," Version 1.03, June 2007. "Common Criteria for Information Technology Security Evaluation," Version 3.1, CCMB-2006-09-001, 002, 003, September...
6 KB (858 words) - 14:31, 15 August 2022
level of FIPS 140 security certification attainable is Security Level 4, most of the HSMs have Level 3 certification. In the Common Criteria system the highest...
14 KB (1,564 words) - 02:37, 4 August 2024
In common usage, evaluation is a systematic determination and assessment of a subject's merit, worth and significance, using criteria governed by a set...
43 KB (4,502 words) - 07:16, 19 April 2024
IT risk (redirect from Information technology risk)
for security professionals involved in evaluating compliance with ISO/IEC 15408 (Information technology—Security techniques—Evaluation criteria for IT...
58 KB (7,383 words) - 01:05, 24 September 2024
OWASP (redirect from Open Web Application Security Project)
Application Security Project (OWASP) is an online community that produces freely available articles, methodologies, documentation, tools, and technologies in the...
16 KB (1,357 words) - 20:47, 5 September 2024
sociotechnical perspective, information systems comprise four components: task, people, structure (or roles), and technology. Information systems can be defined...
50 KB (5,883 words) - 23:36, 6 September 2024
"security clearance" is also sometimes used in private organizations that have a formal process to vet employees for access to sensitive information....
52 KB (5,765 words) - 03:37, 11 September 2024
FIPS 140-2 (redirect from Federal Information Processing Standard 140-2)
maintenance of security metrics, security evaluation criteria and evaluation methodologies, tests and test methods; security-specific criteria for laboratory...
16 KB (1,902 words) - 15:20, 10 January 2024
Protection Profile (category Computer security procedures)
certification process according to ISO/IEC 15408 and the Common Criteria (CC). As the generic form of a Security Target (ST), it is typically created by a user...
5 KB (606 words) - 16:21, 7 June 2024
Rainbow Series (category Computer security standards)
technology using this process as part of their procurement criteria. Many of these standards have influenced, and have been superseded by, the Common...
13 KB (268 words) - 20:41, 14 July 2024
Mandatory access control (category Computer security models)
multilevel security (MLS) as a means of protecting classified information of the United States. The Trusted Computer System Evaluation Criteria (TCSEC),...
21 KB (2,427 words) - 06:36, 28 June 2024
use of evaluated IT products and systems; Champion the development and use of national and international standards for IT security Common Criteria; Foster...
4 KB (486 words) - 22:37, 16 December 2021
Multics (redirect from Multiplexed Information and Computing Service)
System Evaluation Criteria from the National Computer Security Center (NCSC), a division of the NSA; it was the first operating system evaluated to this...
40 KB (4,510 words) - 17:57, 22 September 2024
platform. This was evaluated against the DoD Computer Security Center Orange Book evaluation criteria at level A1. The RSRE Secure User Environment (SUE)...
11 KB (1,189 words) - 01:09, 11 December 2023
organizations. The uncounted plural, geographic information systems, also abbreviated GIS, is the most common term for the industry and profession concerned with...
101 KB (13,118 words) - 10:22, 14 September 2024
Digital Guardian (category Computer security software companies)
Guardian platform completed EAL2+ evaluation under the Communications Security Establishment's Common Criteria Evaluation and Certification Scheme in December...
12 KB (1,053 words) - 09:55, 5 September 2024