ДСТУ ISO/IEC 15408-2:2017 Інформаційні технології. Методи захисту. Критерії оцінки. Частина 2. Функціональні вимоги (ISO/IEC 15408-2:2008, IDT)
ПІДТВЕРДЖУВАЛЬНЕ ПОВІДОМЛЕННЯ
Державне підприємство
«Український науково-дослідний і навчальний центр
проблем стандартизації, сертифікації та якості»
(
(ДП «УкрНДНЦ»))
Наказ від 04.08.2017 № 207
ISO/IEC 15408-2:2008
Information technology — Security techniques — Evaluation criteria for ІТ security —
Part 2: Security functional components
прийнято як національний стандарт
методом підтаердження за позначенням
ДСТУ ISO/IEC 15408-2:2017
(ISO/IEC 15408-2:2008, IDT)
Інформаційні технологи. Методи захисту. Критерії оцінки.
Частина 2. Функціональні вимоги
З наданням чинності від 2017-10-01
Contents
1 Scope
2 Normative references
3 Terms and definitions, symbols and abbreviated terms
4 Overview
4.1 Organisation of this part of ISO/IEC 15408
5 Functional requirements paradigm
6 Security functional components
6.1 Overview
6.2 Component catalogue
7 Class FAU: Security audit
7.1 Security audit automatic response (FAU_ARP)
7.2 Security audit data generation (FAU_GEN)
7.3 Security audit analysis (FAU_SAA)
7.4 Security audit review (FAU_SAR)
7.5 Security audit event selection (FAU_SEL)
7.6 Security audit event storage (FAU_STG)
8 Class FCO: Communication
8.1 Non-repudiation of origin (FCO_NRO)
8.2 Non-repudiation of receipt (FCO_NRR)
9 Class FCS: Cryptographic support
9.1 Cryptographic key management (FCS_CKM)
9.2 Cryptographic operation (FCS_COP)
10 Class FDP: User data protection
10.1 Access control policy (FDP_ACC)
10.2 Access control functions (FDP_ACF)
10.3 Data authentication (FDP_DAU)
10.4 Export from the TOE (FDP_ETC)
10.5 Information flow control policy (FDP_IFC)
10.6 Information flow control functions (FDP_IFF)
10.7 Import from outside of the TOE (FDP_ITC)
10.8 Internal TOE transfer (FDP_ITT)
10.9 Residual information protection (FDP_RIP)
10.10 Rollback (FDP_ROL)
10.11 Stored data integrity (FDP_SDI)
10.12 Inter-TSF user data confidentiality transfer protection (FDP_UCT)
10.13 Inter-TSF user data integrity transfer protection (FDP_UIT)
11 Class FIA: Identification and authentication
11.1 Authentication failures (FIA_AFL)
11.2 User attribute definition (FIA_ATD)
11.3 Specification of secrets (FIA_SOS)
11.4 User authentication (FIA_UAU)
11.5 User identification (FIA_UID)
11.6 User-subject binding (FIA_USB)
12 Class FMT: Security management
12.1 Management of functions in TSF (FMT_MOF)
12.2 Management of security attributes (FMT_MSA)
12.3 Management of TSF data (FMT_MTD)
12.4 Revocation (FMT_REV)
12.5 Security attribute expiration (FMT_SAE)
12.6 Specification of Management Functions (FMT_SMF)
12.7 Security management roles (FMT_SMR)
13 Class FPR: Privacy
13.1 Anonymity (FPR_ANO)
13.2 Pseudonymity (FPR_PSE)
13.3 Unlinkability (FPR_UNL)
13.4 Unobservability (FPR_UNO)
14 Class FPT: Protection of the TSF
14.1 Fail secure (FPT_FLS)
14.2 Availability of exported TSF data (FPT_ITA)
14.3 Confidentiality of exported TSF data (FPT_ITC)
14.4 Integrity of exported TSF data (FPT_ITI)
14.5 Internal TOE TSF data transfer (FPT_ITT)
14.6 TSF physical protection (FPT_PHP)
14.7 Trusted recovery (FPT_RCV)
14.8 Replay detection (FPT_RPL)
14.9 State synchrony protocol (FPT_SSP)
14.10 Time stamps (FPT_STM)
14.11 Inter-TSF TSF data consistency (FPT_TDC)
14.12 Testing of external entities (FPT_TEE)
14.13 Internal TOE TSF data replication consistency (FPT_TRC)
14.14 TSF self test (FPT_TST)
15 Class FRU: Resource utilisation
15.1 Fault tolerance (FRU_FLT)
15.2 Priority of service (FRU_PRS)
15.3 Resource allocation (FRU_RSA)
16 Class FTA: TOE access
16.1 Limitation on scope of selectable attributes (FTA_LSA)
16.2 Limitation on multiple concurrent sessions (FTA_MCS)
16.3 Session locking and termination (FTA_SSL)
16.4 TOE access banners (FTA_TAB)
16.5 TOE access history (FTA_TAH)
16.6 TOE session establishment (FTA_TSE)
17 Class FTP: Trusted path/chanrsels
17.1 Inter-TSF trusted channel (FTP_ITC)
17.2 Trusted path (FTP_TRP)
Annex A (normative) Security functional requirements application notes
Annex В (normative) Functional classes, families, and components
Annex C (normative) Class FAU: Security audit
Annex D (normative) Class FCO: Communication
Annex E (normative) Class FCS: Cryptographic support
Annex F (normative) Class FDP: User data protection
Annex G (normative) Class FIA: Identification and authentication
Annex H (normative) Class FMT: Security management
Annex I (normative) Class FPR: Privacy
Annex J (normative) Class FPT: Protection of the TSF
Annex К (normative) Class FRU: Resource utilisation
Annex L (normative) Class FTA: TOE access
Annex M (normative) Class FTP: Trusted path/channels
Повна версія документа доступна в тарифі «ВСЕ ВРАХОВАНО».