ДСТУ ISO/IEC 15408-2:2017 Информационные технологии. Методы защиты. Критерии оценки. Часть 2. Функциональные требования (ISO/IEC 15408-2:2008, IDT)

ПІДТВЕРДЖУВАЛЬНЕ ПОВІДОМЛЕННЯ

Державне підприємство
«Український науково-дослідний і навчальний центр
проблем стандартизації, сертифікації та якості»
(   
(ДП «УкрНДНЦ»))

Наказ від 04.08.2017 № 207

ISO/IEC 15408-2:2008

Information technology — Security techniques — Evaluation criteria for ІТ security —
Part 2: Security functional components

прийнято як національний стандарт
методом підтаердження за позначенням

ДСТУ ISO/IEC 15408-2:2017
(ISO/IEC 15408-2:2008, IDT)

Інформаційні технологи. Методи захисту. Критерії оцінки.
Частина 2. Функціональні вимоги

З наданням чинності від 2017-10-01

Contents

1 Scope

2 Normative references

3 Terms and definitions, symbols and abbreviated terms

4 Overview

4.1 Organisation of this part of ISO/IEC 15408

5 Functional requirements paradigm

6 Security functional components

6.1 Overview

6.2 Component catalogue

7 Class FAU: Security audit

7.1 Security audit automatic response (FAU_ARP)

7.2 Security audit data generation (FAU_GEN)

7.3 Security audit analysis (FAU_SAA)

7.4 Security audit review (FAU_SAR)

7.5 Security audit event selection (FAU_SEL)

7.6 Security audit event storage (FAU_STG)

8 Class FCO: Communication

8.1 Non-repudiation of origin (FCO_NRO)

8.2 Non-repudiation of receipt (FCO_NRR)

9 Class FCS: Cryptographic support

9.1 Cryptographic key management (FCS_CKM)

9.2 Cryptographic operation (FCS_COP)

10 Class FDP: User data protection

10.1 Access control policy (FDP_ACC)

10.2 Access control functions (FDP_ACF)

10.3 Data authentication (FDP_DAU)

10.4 Export from the TOE (FDP_ETC)

10.5 Information flow control policy (FDP_IFC)

10.6 Information flow control functions (FDP_IFF)

10.7 Import from outside of the TOE (FDP_ITC)

10.8 Internal TOE transfer (FDP_ITT)

10.9 Residual information protection (FDP_RIP)

10.10 Rollback (FDP_ROL)

10.11 Stored data integrity (FDP_SDI)

10.12 Inter-TSF user data confidentiality transfer protection (FDP_UCT)

10.13 Inter-TSF user data integrity transfer protection (FDP_UIT)

11 Class FIA: Identification and authentication

11.1 Authentication failures (FIA_AFL)

11.2 User attribute definition (FIA_ATD)

11.3 Specification of secrets (FIA_SOS)

11.4 User authentication (FIA_UAU)

11.5 User identification (FIA_UID)

11.6 User-subject binding (FIA_USB)

12 Class FMT: Security management

12.1 Management of functions in TSF (FMT_MOF)

12.2 Management of security attributes (FMT_MSA)

12.3 Management of TSF data (FMT_MTD)

12.4 Revocation (FMT_REV)

12.5 Security attribute expiration (FMT_SAE)

12.6 Specification of Management Functions (FMT_SMF)

12.7 Security management roles (FMT_SMR)

13 Class FPR: Privacy

13.1 Anonymity (FPR_ANO)

13.2 Pseudonymity (FPR_PSE)

13.3 Unlinkability (FPR_UNL)

13.4 Unobservability (FPR_UNO)

14 Class FPT: Protection of the TSF

14.1 Fail secure (FPT_FLS)

14.2 Availability of exported TSF data (FPT_ITA)

14.3 Confidentiality of exported TSF data (FPT_ITC)

14.4 Integrity of exported TSF data (FPT_ITI)

14.5 Internal TOE TSF data transfer (FPT_ITT)

14.6 TSF physical protection (FPT_PHP)

14.7 Trusted recovery (FPT_RCV)

14.8 Replay detection (FPT_RPL)

14.9 State synchrony protocol (FPT_SSP)

14.10 Time stamps (FPT_STM)

14.11 Inter-TSF TSF data consistency (FPT_TDC)

14.12 Testing of external entities (FPT_TEE)

14.13 Internal TOE TSF data replication consistency (FPT_TRC)

14.14 TSF self test (FPT_TST)

15 Class FRU: Resource utilisation

15.1 Fault tolerance (FRU_FLT)

15.2 Priority of service (FRU_PRS)

15.3 Resource allocation (FRU_RSA)

16 Class FTA: TOE access

16.1 Limitation on scope of selectable attributes (FTA_LSA)

16.2 Limitation on multiple concurrent sessions (FTA_MCS)

16.3 Session locking and termination (FTA_SSL)

16.4 TOE access banners (FTA_TAB)

16.5 TOE access history (FTA_TAH)

16.6 TOE session establishment (FTA_TSE)

17 Class FTP: Trusted path/chanrsels

17.1 Inter-TSF trusted channel (FTP_ITC)

17.2 Trusted path (FTP_TRP)

Annex A (normative) Security functional requirements application notes

Annex В (normative) Functional classes, families, and components

Annex C (normative) Class FAU: Security audit

Annex D (normative) Class FCO: Communication

Annex E (normative) Class FCS: Cryptographic support

Annex F (normative) Class FDP: User data protection

Annex G (normative) Class FIA: Identification and authentication

Annex H (normative) Class FMT: Security management

Annex I (normative) Class FPR: Privacy

Annex J (normative) Class FPT: Protection of the TSF

Annex К (normative) Class FRU: Resource utilisation

Annex L (normative) Class FTA: TOE access

Annex M (normative) Class FTP: Trusted path/channels