Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 1: Introduction and general model (ISO/IEC 15408-1:2022)

This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is meant to be used as the basis for evaluation of security properties of IT products.
This document provides an overview of all parts of the ISO/IEC 15408 series. It describes the various parts of the ISO/IEC 15408 series; defines the terms and abbreviations to be used in all parts of the standard; establishes the core concept of a Target of Evaluation (TOE); describes the evaluation context and describes the audience to which the evaluation criteria is addressed. An introduction to the basic security concepts necessary for evaluation of IT products is given.
This document introduces:
—    the key concepts of Protection Profiles (PP), PP-Modules, PP-Configurations, packages, Security Targets (ST), and conformance types;
—    a description of the organization of security components throughout the model;
—    the various operations by which the functional and assurance components given in ISO/IEC 15408‑2 and ISO/IEC 15408‑3 can be tailored through the use of permitted operations;
—    general information about the evaluation methods given in ISO/IEC 18045;
—    guidance for the application of ISO/IEC 15408‑4 in order to develop evaluation methods (EM) and evaluation activities (EA) derived from ISO/IEC 18045;
—    general information about the pre-defined Evaluation Assurance Levels (EALs) defined in ISO/IEC 15408‑5;
—    information in regard to the scope of evaluation schemes.


General Information

Status: Published
Publication date: 05-Dec-2023
Current stage: 6060 - Definitive text made available (DAV) - Publishing
Start date: 06-Dec-2023
Due date: 23-Jun-2025
Completion date: 06-Dec-2023

Overview

EN ISO/IEC 15408-1:2023 is the CEN adoption, without modification, of ISO/IEC 15408-1:2022. Part 1 introduces the ISO/IEC 15408 series (commonly known as the Common Criteria), establishes its general model and foundational concepts, and defines the vocabulary, core constructs and evaluation context used across the series. It is intended as the basis for evaluating the security properties of IT products, whether implemented in hardware, firmware or software.

Key topics and technical requirements

  • Target of Evaluation (TOE): definition, boundary identification, configurations and operational environments that determine what is evaluated.
  • Security Problem Definition (SPD): description of threats, organizational security policies (OSPs) and assumptions that drive requirements.
  • Security Objectives: objectives for the TOE and for its operational environment, with guidance on tracing and justification.
  • Security Requirements: introduction to Security Functional Requirements (SFRs) and Security Assurance Requirements (SARs) that are developed in ISO/IEC 15408‑2 and ISO/IEC 15408‑3.
  • Security Components Model: hierarchical organization (class → family → component → element), dependency rules and permitted operations (assignment, selection, refinement, iteration) used to tailor components.
  • Packages and Conformance Types: use of functional and assurance packages, Protection Profiles (PP), PP‑Modules, PP‑Configurations and Security Targets (ST) to express and claim compliance.
  • Evaluation Methods and Assurance Levels: overview of evaluation methods (see ISO/IEC 18045) and pre‑defined Evaluation Assurance Levels (EALs) (covered in ISO/IEC 15408‑5).
  • Guidance for Evaluators: scope of evaluation schemes, how to apply ISO/IEC 15408‑4 to develop evaluation methods and activities.
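As an added illustration of the component model and the dependency rule (not text or code from the standard), the following Python sketch models a handful of functional components together with their dependencies and hierarchical relationships, and runs the check an ST author performs when writing the SFR dependency rationale of a Security Target: every dependency of every claimed SFR must be met by a claimed component (or one hierarchical to it, in any iteration) or explicitly justified. The component identifiers and dependencies are those listed in ISO/IEC 15408-2 (confirm them against the edition you work to); the names `Component`, `parse_id`, `check_dependencies` and the sample ST are constructed for this example.

```python
"""SFR dependency check for a Security Target (ST).

Added example, not code or text from ISO/IEC 15408. Component identifiers
and their dependencies below follow ISO/IEC 15408-2 (functional components
only, so identifiers start with 'F'); the Python API and the sample ST are
constructed for this illustration.
"""
import re
from dataclasses import dataclass
from typing import Optional

# class (F + 2 letters) _ family (3 letters) . component [. element] [/ iteration]
_ID_RE = re.compile(
    r"^(?P<cls>F[A-Z]{2})_(?P<fam>[A-Z]{3})\.(?P<comp>\d+)"
    r"(?:\.(?P<elem>\d+))?(?:/(?P<iter>[A-Za-z0-9_]+))?$"
)


def parse_id(sfr_id: str) -> dict:
    """Split e.g. 'FDP_ACC.1.1/VPN' into class, family, component, element
    and iteration label; 'base' is the component with both stripped."""
    m = _ID_RE.match(sfr_id)
    if not m:
        raise ValueError(f"not a functional component identifier: {sfr_id!r}")
    parts = m.groupdict()
    parts["base"] = f"{parts['cls']}_{parts['fam']}.{parts['comp']}"
    return parts


@dataclass(frozen=True)
class Component:
    id: str
    dependencies: tuple = ()                # "X" or "X|Y" (either alternative satisfies)
    hierarchical_to: Optional[str] = None   # component this one is hierarchical to


# Sample catalogue: a subset of ISO/IEC 15408-2 components and their dependencies.
CATALOGUE = {c.id: c for c in (
    Component("FAU_GEN.1", ("FPT_STM.1",)),
    Component("FPT_STM.1"),
    Component("FIA_UID.1"),
    Component("FIA_UID.2", hierarchical_to="FIA_UID.1"),
    Component("FIA_UAU.1", ("FIA_UID.1",)),
    Component("FIA_UAU.2", ("FIA_UID.1",), hierarchical_to="FIA_UAU.1"),
    Component("FDP_ACC.1", ("FDP_ACF.1",)),
    Component("FDP_ACF.1", ("FDP_ACC.1", "FMT_MSA.3")),
    Component("FMT_MSA.1", ("FDP_ACC.1|FDP_IFC.1", "FMT_SMR.1", "FMT_SMF.1")),
    Component("FMT_MSA.3", ("FMT_MSA.1", "FMT_SMR.1")),
    Component("FMT_SMR.1", ("FIA_UID.1",)),
    Component("FMT_SMF.1"),
)}


def _self_and_lower(comp_id: str) -> set:
    """comp_id plus every component it is hierarchical to, transitively.
    A dependency on FIA_UID.1 is met by FIA_UID.2, which is hierarchical to it."""
    out, cur = set(), comp_id
    while cur is not None:
        out.add(cur)
        cur = CATALOGUE[cur].hierarchical_to if cur in CATALOGUE else None
    return out


def check_dependencies(st_sfrs, justified=()):
    """Return the unmet dependencies of an ST as (sfr, dependency) pairs.

    st_sfrs:   SFR identifiers claimed in the ST; iterations ("/label") are
               distinct requirements but count as the same component.
    justified: (base component, dependency) pairs that the ST's dependency
               rationale argues are unnecessary or are met by the operational
               environment; these are not reported.
    """
    present = set()
    for sfr in st_sfrs:
        present |= _self_and_lower(parse_id(sfr)["base"])
    justified = set(justified)
    unmet = []
    for sfr in st_sfrs:
        base = parse_id(sfr)["base"]
        for dep in CATALOGUE[base].dependencies:
            met = any(alt in present for alt in dep.split("|"))
            if not met and (base, dep) not in justified:
                unmet.append((sfr, dep))
    return unmet


# Constructed sample ST: audit, authentication and two iterations of access control.
SAMPLE_ST = [
    "FAU_GEN.1", "FIA_UID.2", "FIA_UAU.2",
    "FDP_ACC.1/DISK", "FDP_ACF.1/DISK", "FDP_ACC.1/NET", "FDP_ACF.1/NET",
    "FMT_MSA.1", "FMT_MSA.3", "FMT_SMR.1", "FMT_SMF.1",
]

if __name__ == "__main__":
    print(check_dependencies(SAMPLE_ST))   # FAU_GEN.1 lacks FPT_STM.1
    # Rationale: reliable time stamps are supplied by the operational environment.
    print(check_dependencies(SAMPLE_ST, justified={("FAU_GEN.1", "FPT_STM.1")}))
```

The sample ST is deliberately one component short: FAU_GEN.1 (audit data generation) depends on FPT_STM.1 (reliable time stamps), which the ST does not claim. That is exactly the situation in which the author must either add the component or record in the rationale that the objective is met by the operational environment; the second call shows the check passing once that justification is recorded. Note that the two iterations of FDP_ACC.1 both satisfy FMT_MSA.1's alternative dependency, and that FIA_UID.2 satisfies every dependency on FIA_UID.1 because it is hierarchical to it.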

Practical applications and who uses it

Part 1 is the entry point to the series for:

  • Security evaluators and certification bodies - fixing the evaluation scope (the TOE boundary), applying the evaluation methods and interpreting conformance claims.
  • Product vendors and developers - preparing Security Targets and aligning product design to evaluatable requirements (PPs/STs).
  • Procurement and risk owners - specifying measurable security requirements in tenders and assessing vendor claims.
  • Security architects and privacy officers - mapping threats and OSPs to technical and assurance objectives.

Typical uses include product certification, development of Protection Profiles, compliance assessments and procurement-driven assurance comparisons.

Related standards

  • ISO/IEC 15408‑2 (security functional components)
  • ISO/IEC 15408‑3 (security assurance components)
  • ISO/IEC 15408‑4 (developing evaluation methods)
  • ISO/IEC 15408‑5 (EALs)
  • ISO/IEC 18045 (evaluation methods)

Keywords: ISO/IEC 15408, Common Criteria, evaluation criteria, IT security, cybersecurity, privacy protection, Target of Evaluation, Protection Profile, Security Target, SFR, SAR, EAL, evaluation methods.

Standard
EN ISO/IEC 15408-1:2024 - BARVE
English language
154 pages

Frequently Asked Questions

EN ISO/IEC 15408-1:2023 is a standard published by the European Committee for Standardization (CEN). Its full title is "Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 1: Introduction and general model (ISO/IEC 15408-1:2022)". Its scope is the abstract given at the top of this page.

EN ISO/IEC 15408-1:2023 is classified under the following ICS (International Classification for Standards) categories: 35.030 - IT Security. The ICS classification helps identify the subject area and facilitates finding related standards.

EN ISO/IEC 15408-1:2023 is linked to EN ISO/IEC 15408-1:2020, which it supersedes, and to the final draft FprEN ISO/IEC 15408-1 from which it was published. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.

You can purchase EN ISO/IEC 15408-1:2023 directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of CEN standards.

Standards Content (Sample)


SLOVENIAN STANDARD
01-May-2024
Supersedes:
SIST EN ISO/IEC 15408-1:2020
Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 1: Introduction and general model (ISO/IEC 15408-1:2022)
This Slovenian standard is identical to: EN ISO/IEC 15408-1:2023
ICS:
35.030 IT Security
© 2003-01. Slovenian Institute for Standardization. Reproduction of this standard in whole or in part is not permitted.

EUROPEAN STANDARD EN ISO/IEC 15408-1
December 2023
ICS 35.030
Supersedes EN ISO/IEC 15408-1:2020
English version
Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 1: Introduction and general model (ISO/IEC 15408-1:2022)
This European Standard was approved by CEN on 20 November 2023.

CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for
giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical
references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to
any CEN and CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and United Kingdom.

CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2023 CEN/CENELEC All rights of exploitation in any form and by any means reserved worldwide for CEN national Members and for CENELEC Members.
Ref. No. EN ISO/IEC 15408-1:2023 E
Contents
European foreword

European foreword
The text of ISO/IEC 15408-1:2022 has been prepared by Technical Committee ISO/IEC JTC 1 "Information technology" of the International Organization for Standardization (ISO) and has been taken over as EN ISO/IEC 15408-1:2023 by Technical Committee CEN-CENELEC/JTC 13 "Cybersecurity and Data Protection", the secretariat of which is held by DIN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by June 2024, and conflicting national standards shall be
withdrawn at the latest by June 2024.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN-CENELEC shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN ISO/IEC 15408-1:2020.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN and CENELEC websites.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Endorsement notice
The text of ISO/IEC 15408-1:2022 has been approved by CEN-CENELEC as EN ISO/IEC 15408-1:2023
without any modification.
INTERNATIONAL STANDARD ISO/IEC 15408-1
Fourth edition
2022-08
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model
Reference number
ISO/IEC 15408-1:2022(E)
© ISO/IEC 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland

Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Overview
5.1 General
5.2 ISO/IEC 15408 series description
5.2.1 General
5.2.2 Audience
5.3 Target of evaluation (TOE)
5.3.1 General
5.3.2 TOE boundaries
5.3.3 Different representations of the TOE
5.3.4 Different configurations of the TOE
5.3.5 Operational environment of the TOE
5.4 Presentation of material in this document
6 General model
6.1 Background
6.2 Assets and security controls
6.3 Core constructs of the paradigm of the ISO/IEC 15408 series
6.3.1 General
6.3.2 Conformance types
6.3.3 Communicating security requirements
6.3.4 Meeting the needs of consumers (risk owners)
7 Specifying security requirements
7.1 Security problem definition (SPD)
7.1.1 General
7.1.2 Threats
7.1.3 Organizational security policies (OSPs)
7.1.4 Assumptions
7.2 Security objectives
7.2.1 General
7.2.2 Security objectives for the TOE
7.2.3 Security objectives for the operational environment
7.2.4 Relation between security objectives and the SPD
7.2.5 Tracing between security objectives and the SPD
7.2.6 Providing a justification for the tracing
7.2.7 On countering threats
7.2.8 Security objectives: conclusion
7.3 Security requirements
7.3.1 General
7.3.2 Security Functional Requirements (SFRs)
7.3.3 Security assurance requirements (SARs)
7.3.4 Security requirements: conclusion
8 Security components
8.1 Hierarchical structure of security components
8.1.1 General
8.1.2 Class
8.1.3 Family
8.1.4 Component
8.1.5 Element
8.2 Operations
8.2.1 General
8.2.2 Iteration
8.2.3 Assignment
8.2.4 Selection
8.2.5 Refinement
8.3 Dependencies between components
8.4 Extended components
8.4.1 General
8.4.2 Defining extended components
9 Packages
9.1 General
9.2 Package types
9.2.1 General
9.2.2 Assurance packages
9.2.3 Functional packages
9.3 Package dependencies
9.4 Evaluation method(s) and activities
10 Protection Profiles (PPs)
10.1 General
10.2 PP introduction
10.3 Conformance claims and conformance statements
10.4 Security assurance requirements (SARs)
10.5 Additional requirements common to strict and demonstrable conformance
10.5.1 Conformance claims and conformance statements
10.5.2 Security problem definition (SPD)
10.5.3 Security objectives
10.6 Additional requirements specific to strict conformance
10.6.1 Requirements for the security problem definition (SPD)
10.6.2 Requirements for the security objectives
10.6.3 Requirements for the security requirements
10.7 Additional requirements specific to demonstrable conformance
10.8 Additional requirements specific to exact conformance
10.8.1 General
10.8.2 Conformance claims and statements
10.9 Using PPs
10.10 Conformance statements and claims in the case of multiple PPs
10.10.1 General
10.10.2 Where strict or demonstrable conformance is specified
10.10.3 Where exact conformance is specified
11 Modular requirements construction
11.1 General
11.2 PP-Modules
11.2.1 General
11.2.2 PP-Module Base
11.2.3 Requirements for PP-Modules
11.3 PP-Configurations
11.3.1 General
11.3.2 Requirements for PP-Configurations
11.3.3 Usage of PP-Configurations
12 Security Targets (STs)
12.1 General
12.2 Conformance claims and statements
12.3 Assurance requirements
12.4 Additional requirements in the exact conformance case
12.4.1 Additional requirements for the conformance claim
12.4.2 Additional requirements for the SPD
12.4.3 Additional requirements for the security objectives
12.4.4 Additional requirements for the security requirements
12.5 Additional requirements in the multi-assurance case
13 Evaluation and evaluation results
13.1 General
13.2 Evaluation context
13.3 Evaluation of PPs and PP-Configurations
13.4 Evaluation of STs
13.5 Evaluation of TOEs
13.6 Evaluation methods and evaluation activities
13.7 Evaluation results
13.7.1 Results of a PP evaluation
13.7.2 Results of a PP-Configuration evaluation
13.7.3 Results of a ST/TOE evaluation
13.8 Multi-assurance evaluation
14 Composition of assurance
14.1 General
14.2 Composition models
14.2.1 Layered composition model
14.2.2 Network or bi-directional composition model
14.2.3 Embedded composition model
14.3 Evaluation techniques for providing assurance in composition models
14.3.1 General
14.3.2 ACO class for composed TOEs
14.3.3 Composite evaluation for composite products
14.4 Requirements for evaluations using composition techniques
14.4.1 Re-use of evaluation results
14.4.2 Composition evaluation issues
14.5 Evaluation by composition and multi-assurance
Annex A (normative) Specification of packages
Annex B (normative) Specification of Protection Profiles (PPs)
Annex C (normative) Specification of PP-Modules and PP-Configurations
Annex D (normative) Specification of Security Targets (STs) and Direct Rationale STs
Annex E (normative) PP/PP-Configuration conformance
Bibliography

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work.
The procedures used to develop this document and those intended for its further maintenance
are described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria
needed for the different types of document should be noted. This document was drafted in
accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives or
www.iec.ch/members_experts/refdocs).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents) or the IEC
list of patent declarations received (see https://patents.iec.ch).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see
www.iso.org/iso/foreword.html. In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 27, Information security, cybersecurity and privacy protection.
This fourth edition cancels and replaces the third edition (ISO/IEC 15408-1:2009), which has been
technically revised.
The main changes are as follows:
— the document has been restructured;
— technical changes have been introduced:
    — the terminology has been reviewed and updated;
    — the exact conformance type has been introduced;
    — low assurance protection profiles (PPs) have been removed and direct rationale PPs have been introduced;
    — PP-Modules and PP-Configurations for modular evaluations have been introduced;
    — multi-assurance evaluation has been introduced.
A list of all parts in the ISO/IEC 15408 series can be found on the ISO and IEC websites.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.

Legal notice
The governmental organizations listed below contributed to the development of this version of the
Common Criteria for Information Technology Security Evaluations. As the joint holders of the copyright
in the Common Criteria for Information Technology Security Evaluations (called CC), they hereby
grant non-exclusive license to ISO/IEC to use CC in the continued development/maintenance of the
ISO/IEC 15408 series of standards. However, these governmental organizations retain the right to use,
copy, distribute, translate or modify CC as they see fit.
Australia The Australian Signals Directorate
Canada Communications Security Establishment
France Agence Nationale de la Sécurité des Systèmes d'Information
Germany Bundesamt für Sicherheit in der Informationstechnik
Japan Information-technology Promotion Agency
Netherlands Netherlands National Communications Security Agency
New Zealand Government Communications Security Bureau
Republic of Korea National Security Research Institute
Spain Ministerio de Asuntos Económicos y Transformación Digital
Sweden FMV, Swedish Defence Materiel Administration
United Kingdom National Cyber Security Centre
United States The National Security Agency

Introduction
The ISO/IEC 15408 series permits comparability between the results of independent security
evaluations by providing a common set of requirements for the security functionality of IT products and
for assurance measures applied to these IT products during a security evaluation. These IT products
may be implemented in hardware, firmware, or software.
The evaluation process establishes a level of confidence that the security functionality of these IT
products and the assurance measures applied to these IT products meet these requirements. The
evaluation results may help consumers to determine whether these IT products fulfil their security
needs.
The ISO/IEC 15408 series is useful as a guide for the development, evaluation and/or procurement of IT
products with security functionality.
The ISO/IEC 15408 series is intentionally flexible, enabling a range of evaluation approaches to be
applied to a range of security properties of a range of IT products. Therefore, users of the standard are
cautioned to exercise care that this flexibility is not misused. For example, using the ISO/IEC 15408
series in conjunction with unsuitable evaluation methods/activities, irrelevant security properties, or
inappropriate IT products, can result in meaningless evaluation results.
Consequently, the fact that an IT product has been evaluated has meaning only in the context of the
security properties that were evaluated and the evaluation methods that were used. Evaluation
authorities are advised to carefully check the products, properties, and methods to determine that an
evaluation provides meaningful results. Additionally, purchasers of evaluated products are advised to
carefully consider this context to determine whether the evaluated product is useful and applicable to
their specific situation and needs.
The ISO/IEC 15408 series addresses the protection of assets from unauthorized disclosure, modification,
or loss of use. The categories of protection relating to these three types of failure of security are
commonly called confidentiality, integrity, and availability, respectively. The ISO/IEC 15408 series may
also be applicable to aspects of IT security outside of these three categories. The ISO/IEC 15408 series
is applicable to risks arising from human activities (malicious or otherwise) and to risks arising from
non-human activities. The ISO/IEC 15408 series may be applied in other areas of IT but makes no claim
of applicability in these areas.
Certain topics, because they involve specialized techniques or because they are somewhat peripheral
to IT security, are considered to be outside the scope of the ISO/IEC 15408 series. Some of these are
identified below:
a) the ISO/IEC 15408 series does not contain security evaluation criteria pertaining to administrative
security measures not related directly to the IT security functionality. However, it is recognized
that significant security can often be achieved through or supported by administrative measures
such as organizational, personnel, physical, and procedural controls;
b) the ISO/IEC 15408 series does not address the evaluation methodology under which the criteria
should be applied;
NOTE 1 The baseline methodology is defined in ISO/IEC 18045. ISO/IEC 15408-4 can be used to further
derive evaluation activities and methods from ISO/IEC 18045.
c) the ISO/IEC 15408 series does not address the administrative and legal framework under which the
criteria may be applied by evaluation authorities. However, it is expected that the ISO/IEC 15408
series is intended to be used for evaluation purposes in the context of such a framework;
d) the procedures for use of evaluation results in accreditation are outside the scope of the
ISO/IEC 15408 series. Accreditation is the administrative process whereby authority is granted for
the operation of an IT product (or collection thereof) in its full operational environment including
all of its non-IT parts. The results of the evaluation process are an input to the accreditation process.
However, as other techniques are more appropriate for the assessments of non-IT related properties
and their relationship to the IT security parts, accreditors must make separate provisions for those
aspects;
e) the subject of criteria for the assessment of the inherent qualities of cryptographic algorithms is
not covered in the ISO/IEC 15408 series. In the case that independent assessment of mathematical
properties of cryptography is required, the evaluation scheme under which the ISO/IEC 15408
series is applied shall make provision for such assessments.
NOTE 2 This document uses bold and italic type in some cases to distinguish terms from the rest of the text.
The relationship between components within a family is highlighted using a bolding convention. This convention
calls for the use of bold type for all new requirements. For hierarchical components, requirements are presented
in bold type when they are enhanced or modified beyond the requirements of the previous component. In
addition, any new or enhanced permitted operations beyond the previous component are also highlighted using
bold type.
The use of italics indicates text that has a precise meaning. For security assurance requirements the convention
is for special verbs relating to evaluation.
ix
© ISO/IEC 2022 – All rights reserved

INTERNATIONAL STANDARD ISO/IEC 15408-1:2022(E)
Information security, cybersecurity and privacy
protection — Evaluation criteria for IT security —
Part 1:
Introduction and general model
1 Scope
This document establishes the general concepts and principles of IT security evaluation and specifies
the general model of evaluation given by various parts of the standard which in its entirety is meant to
be used as the basis for evaluation of security properties of IT products.
This document provides an overview of all parts of the ISO/IEC 15408 series. It describes the various
parts of the ISO/IEC 15408 series; defines the terms and abbreviations to be used in all parts of the
standard; establishes the core concept of a Target of Evaluation (TOE); describes the evaluation context
and describes the audience to which the evaluation criteria is addressed. An introduction to the basic
security concepts necessary for evaluation of IT products is given.
This document introduces:
— the key concepts of Protection Profiles (PP), PP-Modules, PP-Configurations, packages, Security
Targets (ST), and conformance types;
— a description of the organization of security components throughout the model;
— the various operations by which the functional and assurance components given in ISO/IEC 15408-2
and ISO/IEC 15408-3 can be tailored through the use of permitted operations;
— general information abo
...


SLOVENIAN STANDARD
1 May 2024
Supersedes:
SIST EN ISO/IEC 15408-1:2020
Information security, cybersecurity and privacy protection - Evaluation criteria for IT
security - Part 1: Introduction and general model (ISO/IEC 15408-1:2022)
This Slovenian standard is identical to: EN ISO/IEC 15408-1:2023
ICS:
35.030 IT Security
2003-01. Slovenian Institute for Standardization. Reproduction of this standard, in whole or in part, is not permitted.

EUROPEAN STANDARD EN ISO/IEC 15408-1
December 2023
ICS 35.030
Supersedes EN ISO/IEC 15408-1:2020
English version
Information security, cybersecurity and privacy protection
- Evaluation criteria for IT security - Part 1: Introduction
and general model (ISO/IEC 15408-1:2022)
This European Standard was approved by CEN on 20 November 2023.

CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for
giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical
references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to
any CEN and CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and United Kingdom.

CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2023 CEN/CENELEC All rights of exploitation in any form and by any means reserved worldwide for CEN national Members and for CENELEC Members.
Ref. No. EN ISO/IEC 15408-1:2023 E
Contents
European foreword  3

European foreword
The text of ISO/IEC 15408-1:2022 has been prepared by Technical Committee ISO/IEC JTC 1
“Information technology” of the International Organization for Standardization (ISO) and has been
taken over as EN ISO/IEC 15408-1:2023 by Technical Committee CEN-CENELEC/JTC 13 “Cybersecurity
and Data Protection”, the secretariat of which is held by DIN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by June 2024, and conflicting national standards shall be
withdrawn at the latest by June 2024.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN-CENELEC shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN ISO/IEC 15408-1:2020.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN and CENELEC websites.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Endorsement notice
The text of ISO/IEC 15408-1:2022 has been approved by CEN-CENELEC as EN ISO/IEC 15408-1:2023
without any modification.
INTERNATIONAL STANDARD ISO/IEC 15408-1
Fourth edition
2022-08
Information security, cybersecurity
and privacy protection — Evaluation
criteria for IT security —
Part 1:
Introduction and general model
Reference number
ISO/IEC 15408-1:2022(E)
© ISO/IEC 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
© ISO/IEC 2022 – All rights reserved

Contents
Foreword  vi
Introduction  viii
1 Scope  1
2 Normative references  1
3 Terms and definitions  2
4 Abbreviated terms  13
5 Overview  15
5.1 General  15
5.2 ISO/IEC 15408 series description  15
5.2.1 General  15
5.2.2 Audience  16
5.3 Target of evaluation (TOE)  19
5.3.1 General  19
5.3.2 TOE boundaries  19
5.3.3 Different representations of the TOE  20
5.3.4 Different configurations of the TOE  20
5.3.5 Operational environment of the TOE  20
5.4 Presentation of material in this document  21
6 General model  21
6.1 Background  21
6.2 Assets and security controls  21
6.3 Core constructs of the paradigm of the ISO/IEC 15408 series  24
6.3.1 General  24
6.3.2 Conformance types  24
6.3.3 Communicating security requirements  24
6.3.4 Meeting the needs of consumers (risk owners)  27
7 Specifying security requirements  29
7.1 Security problem definition (SPD)  29
7.1.1 General  29
7.1.2 Threats  29
7.1.3 Organizational security policies (OSPs)  30
7.1.4 Assumptions  30
7.2 Security objectives  31
7.2.1 General  31
7.2.2 Security objectives for the TOE  31
7.2.3 Security objectives for the operational environment  31
7.2.4 Relation between security objectives and the SPD  32
7.2.5 Tracing between security objectives and the SPD  32
7.2.6 Providing a justification for the tracing  33
7.2.7 On countering threats  33
7.2.8 Security objectives: conclusion  33
7.3 Security requirements  33
7.3.1 General  33
7.3.2 Security Functional Requirements (SFRs)  34
7.3.3 Security assurance requirements (SARs)  36
7.3.4 Security requirements: conclusion  37
8 Security components  38
8.1 Hierarchical structure of security components  38
8.1.1 General  38
8.1.2 Class  38
8.1.3 Family  39
8.1.4 Component  39
8.1.5 Element  39
8.2 Operations  39
8.2.1 General  39
8.2.2 Iteration  40
8.2.3 Assignment  40
8.2.4 Selection  41
8.2.5 Refinement  43
8.3 Dependencies between components  44
8.4 Extended components  44
8.4.1 General  44
8.4.2 Defining extended components  45
9 Packages  45
9.1 General  45
9.2 Package types  46
9.2.1 General  46
9.2.2 Assurance packages  46
9.2.3 Functional packages  47
9.3 Package dependencies  47
9.4 Evaluation method(s) and activities  47
10 Protection Profiles (PPs)  48
10.1 General  48
10.2 PP introduction  48
10.3 Conformance claims and conformance statements  48
10.4 Security assurance requirements (SARs)  51
10.5 Additional requirements common to strict and demonstrable conformance  51
10.5.1 Conformance claims and conformance statements  51
10.5.2 Security problem definition (SPD)  51
10.5.3 Security objectives  52
10.6 Additional requirements specific to strict conformance  52
10.6.1 Requirements for the security problem definition (SPD)  52
10.6.2 Requirements for the security objectives  52
10.6.3 Requirements for the security requirements  52
10.7 Additional requirements specific to demonstrable conformance  53
10.8 Additional requirements specific to exact conformance  53
10.8.1 General  53
10.8.2 Conformance claims and statements  53
10.9 Using PPs  54
10.10 Conformance statements and claims in the case of multiple PPs  54
10.10.1 General  54
10.10.2 Where strict or demonstrable conformance is specified  54
10.10.3 Where exact conformance is specified  54
11 Modular requirements construction  54
11.1 General  54
11.2 PP-Modules  55
11.2.1 General  55
11.2.2 PP-Module Base  55
11.2.3 Requirements for PP-Modules  55
11.3 PP-Configurations  59
11.3.1 General  59
11.3.2 Requirements for PP-Configurations  59
11.3.3 Usage of PP-Configurations  65
12 Security Targets (STs)  68
12.1 General  68
12.2 Conformance claims and statements  68
12.3 Assurance requirements  71
12.4 Additional requirements in the exact conformance case  71
12.4.1 Additional requirements for the conformance claim  71
12.4.2 Additional requirements for the SPD  71
12.4.3 Additional requirements for the security objectives  72
12.4.4 Additional requirements for the security requirements  72
12.5 Additional requirements in the multi-assurance case  72
13 Evaluation and evaluation results  74
13.1 General  74
13.2 Evaluation context  76
13.3 Evaluation of PPs and PP-Configurations  77
13.4 Evaluation of STs  77
13.5 Evaluation of TOEs  77
13.6 Evaluation methods and evaluation activities  78
13.7 Evaluation results  78
13.7.1 Results of a PP evaluation  78
13.7.2 Results of a PP-Configuration evaluation  78
13.7.3 Results of a ST/TOE evaluation  78
13.8 Multi-assurance evaluation  79
14 Composition of assurance  80
14.1 General  80
14.2 Composition models  81
14.2.1 Layered composition model  81
14.2.2 Network or bi-directional composition model  82
14.2.3 Embedded composition model  82
14.3 Evaluation techniques for providing assurance in composition models  83
14.3.1 General  83
14.3.2 ACO class for composed TOEs  83
14.3.3 Composite evaluation for composite products  84
14.4 Requirements for evaluations using composition techniques  95
14.4.1 Re-use of evaluation results  95
14.4.2 Composition evaluation issues  96
14.5 Evaluation by composition and multi-assurance  97
Annex A (normative) Specification of packages  98
Annex B (normative) Specification of Protection Profiles (PPs)  102
Annex C (normative) Specification of PP-Modules and PP-Configurations  112
Annex D (normative) Specification of Security Targets (STs) and Direct Rationale STs  125
Annex E (normative) PP/PP-Configuration conformance  136
Bibliography  141
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work.
The procedures used to develop this document and those intended for its further maintenance
are described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria
needed for the different types of document should be noted. This document was drafted in
accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives or
www.iec.ch/members_experts/refdocs).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents) or the IEC
list of patent declarations received (see https://patents.iec.ch).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see
www.iso.org/iso/foreword.html. In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 27, Information security, cybersecurity and privacy protection.
This fourth edition cancels and replaces the third edition (ISO/IEC 15408-1:2009), which has been
technically revised.
The main changes are as follows:
— the document has been restructured;
— technical changes have been introduced:
— the terminology has been reviewed and updated;
— the exact conformance type has been introduced;
— low assurance protection profiles (PPs) have been removed and direct rationale PPs have been
introduced;
— PP-Modules and PP-Configurations for modular evaluations have been introduced;
— multi-assurance evaluation has been introduced.
A list of all parts in the ISO/IEC 15408 series can be found on the ISO and IEC websites.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.
Legal notice
The governmental organizations listed below contributed to the development of this version of the
Common Criteria for Information Technology Security Evaluations. As the joint holders of the copyright
in the Common Criteria for Information Technology Security Evaluations (called CC), they hereby
grant non-exclusive license to ISO/IEC to use CC in the continued development/maintenance of the
ISO/IEC 15408 series of standards. However, these governmental organizations retain the right to use,
copy, distribute, translate or modify CC as they see fit.
Australia: The Australian Signals Directorate
Canada: Communications Security Establishment
France: Agence Nationale de la Sécurité des Systèmes d'Information
Germany: Bundesamt für Sicherheit in der Informationstechnik
Japan: Information-technology Promotion Agency
Netherlands: Netherlands National Communications Security Agency
New Zealand: Government Communications Security Bureau
Republic of Korea: National Security Research Institute
Spain: Ministerio de Asuntos Económicos y Transformación Digital
Sweden: FMV, Swedish Defence Materiel Administration
United Kingdom: National Cyber Security Centre
United States: The National Security Agency
Introduction
The ISO/IEC 15408 series permits comparability between the results of independent security
evaluations by providing a common set of requirements for the security functionality of IT products and
for assurance measures applied to these IT products during a security evaluation. These IT products
may be implemented in hardware, firmware, or software.
The evaluation process establishes a level of confidence that the security functionality of these IT
products and the assurance measures applied to these IT products meet these requirements. The
evaluation results may help consumers to determine whether these IT products fulfil their security
needs.
The ISO/IEC 15408 series is useful as a guide for the development, evaluation and/or procurement of IT
products with security functionality.
The ISO/IEC 15408 series is intentionally flexible, enabling a range of evaluation approaches to be
applied to a range of security properties of a range of IT products. Therefore, users of the standard are
cautioned to exercise care that this flexibility is not misused. For example, using the ISO/IEC 15408
series in conjunction with unsuitable evaluation methods/activities, irrelevant security properties, or
inappropriate IT products, can result in meaningless evaluation results.
Consequently, the fact that an IT product has been evaluated has meaning only in the context of the
security properties that were evaluated and the evaluation methods that were used. Evaluation
authorities are advised to carefully check the products, properties, and methods to determine that an
evaluation provides meaningful results. Additionally, purchasers of evaluated products are advised to
carefully consider this context to determine whether the evaluated product is useful and applicable to
their specific situation and needs.
The ISO/IEC 15408 series addresses the protection of assets from unauthorized disclosure, modification,
or loss of use. The categories of protection relating to these three types of failure of security are
commonly called confidentiality, integrity, and availability, respectively. The ISO/IEC 15408 series may
also be applicable to aspects of IT security outside of these three categories. The ISO/IEC 15408 series
is applicable to risks arising from human activities (malicious or otherwise) and to risks arising from
non-human activities. The ISO/IEC 15408 series may be applied in other areas of IT but makes no claim
of applicability in these areas.
Certain topics, because they involve specialized techniques or because they are somewhat peripheral
to IT security, are considered to be outside the scope of the ISO/IEC 15408 series. Some of these are
identified below:
a) the ISO/IEC 15408 series does not contain security evaluation criteria pertaining to administrative
security measures not related directly to the IT security functionality. However, it is recognized
that significant security can often be achieved through or supported by administrative measures
such as organizational, personnel, physical, and procedural controls;
b) the ISO/IEC 15408 series does not address the evaluation methodology under which the criteria
should be applied;
NOTE 1 The baseline methodology is defined in ISO/IEC 18045. ISO/IEC 15408-4 can be used to further
derive evaluation activities and methods from ISO/IEC 18045.
c) the ISO/IEC 15408 series does not address the administrative and legal framework under which the
criteria may be applied by evaluation authorities. However, it is expected that the ISO/IEC 15408
series is intended to be used for evaluation purposes in the context of such a framework;
d) the procedures for use of evaluation results in accreditation are outside the scope of the
ISO/IEC 15408 series. Accreditation is the administrative process whereby authority is granted for
the operation of an IT product (or collection thereof) in its full operational environment including
all of its non-IT parts. The results of the evaluation process are an input to the accreditation process.
However, as other techniques are more appropriate for the assessments of non-IT related properties
and their relationship to the IT security parts, accreditors must make separate provisions for those
aspects;
e) the subject of criteria for the assessment of the inherent qualities of cryptographic algorithms is
not covered in the ISO/IEC 15408 series. In the case that independent assessment of mathematical
properties of cryptography is required, the evaluation scheme under which the ISO/IEC 15408
series is applied shall make provision for such assessments.
NOTE 2 This document uses bold and italic type in some cases to distinguish terms from the rest of the text.
The relationship between components within a family is highlighted using a bolding convention. This convention
calls for the use of bold type for all new requirements. For hierarchical components, requirements are presented
in bold type when they are enhanced or modified beyond the requirements of the previous component. In
addition, any new or enhanced permitted operations beyond the previous component are also highlighted using
bold type.
The use of italics indicates text that has a precise meaning. For security assurance requirements the convention
is for special verbs relating to evaluation.
INTERNATIONAL STANDARD ISO/IEC 15408-1:2022(E)
Information security, cybersecurity and privacy
protection — Evaluation criteria for IT security —
Part 1:
Introduction and general model
1 Scope
This document establishes the general concepts and principles of IT security evaluation and specifies
the general model of evaluation given by various parts of the standard which in its entirety is meant to
be used as the basis for evaluation of security properties of IT products.
This document provides an overview of all parts of the ISO/IEC 15408 series. It describes the various
parts of the ISO/IEC 15408 series; defines the terms and abbreviations to be used in all parts of the
standard; establishes the core concept of a Target of Evaluation (TOE); describes the evaluation context
and describes the audience to which the evaluation criteria is addressed. An introduction to the basic
security concepts necessary for evaluation of IT products is given.
This document introduces:
— the key concepts of Protection Profiles (PP), PP-Modules, PP-Configurations, packages, Security
Targets (ST), and conformance types;
— a description of the organization of security components throughout the model;
— the various operations by which the functional and assurance components given in ISO/IEC 15408-2
and ISO/IEC 15408-3 can be tailored through the use of permitted operations;
— general information a
...


The **SIST EN ISO/IEC 15408-1:2024** standard serves as a foundational document for the evaluation of IT security, cybersecurity, and privacy protection. Its primary objective is to establish general concepts and principles for IT security evaluation, providing a comprehensive model that underpins various aspects of the ISO/IEC 15408 series. This standard is pivotal for organizations seeking to ensure the security properties of their IT products through standardized evaluation criteria. One of the key strengths of the standard lies in its thorough introduction of essential terminology, including Protection Profiles (PP), Security Targets (ST), and Evaluation Assurance Levels (EALs). By defining these crucial elements, the document fosters a clear understanding of the evaluation framework and its applicability, which is vital for both evaluators and developers of IT products. Moreover, the standard elucidates the concept of a Target of Evaluation (TOE), which is central to the evaluation process. This clarity facilitates a systematic approach to assessing IT security, ensuring that evaluators have a well-defined focus when conducting assessments. The inclusion of tailored operations for functional and assurance components enhances the standard's adaptability, allowing organizations to implement security solutions that meet specific needs while still conforming to the overarching model. The document also provides insights into the evaluation methods outlined in ISO/IEC 18045, offering guidance for the development of evaluation methods and activities. This aspect significantly enriches the standard by linking evaluation criteria with practical application, ensuring that organizations can effectively evaluate their security practices in a structured manner. Additionally, the comprehensive overview of the ISO/IEC 15408 series serves a vital role in understanding the interrelation of the various parts of the standard. 
It enables stakeholders to appreciate the full scope of the evaluation framework and how each part contributes to the overarching goals of IT security. In conclusion, the SIST EN ISO/IEC 15408-1:2024 standard is a critical resource for professionals engaged in IT security evaluation. Its strengths lie in its clarity, comprehensiveness, and practical guidance, making it an essential reference for ensuring that IT products are evaluated against robust security criteria. The standard's relevance in today's cybersecurity landscape cannot be overstated, as it provides the necessary foundation for organizations aiming to safeguard their information systems against ever-evolving threats.

The EN ISO/IEC 15408-1:2023 standard establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation made up of its various parts. The standard is intended to be used as the basis for evaluating the security properties of IT products. The document provides an overview of the entire ISO/IEC 15408 series and defines the terms and abbreviations used in all parts of the standard. It also establishes the core concept of the Target of Evaluation (TOE), describes the evaluation context, and identifies the audience to which the evaluation criteria are addressed. The strength of this standard lies in its comprehensive approach. In particular, by introducing key concepts such as Protection Profiles (PP), PP-Modules, PP-Configurations, packages, Security Targets (ST) and conformance types, it organizes the evaluation framework so that users can evaluate the security of IT products effectively. Furthermore, it explains in detail how the permitted operations are used to tailor the functional and assurance components provided in ISO/IEC 15408-2 and ISO/IEC 15408-3. It also provides general information on evaluation methods and guidance on applying ISO/IEC 15408-4 to develop evaluation methods (EM) and evaluation activities (EA) derived from ISO/IEC 18045. Information on the pre-defined Evaluation Assurance Levels (EALs) defined in ISO/IEC 15408-5 is included, together with details on the scope of evaluation schemes. Overall, EN ISO/IEC 15408-1:2023 comprehensively organizes the essential information relating to information security, cybersecurity and privacy protection and provides practical evaluation criteria, thereby increasing the reliability and transparency of security evaluations of IT products. It is a valuable resource for the security evaluations that companies and organizations require.

The EN ISO/IEC 15408-1:2023 standard establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation provided by the various parts of the standard. The document is designed to be used as the basis for evaluating the security properties of IT products. One of the strengths of this standard is that it provides an overview of all parts of the ISO/IEC 15408 series. It defines the terms and abbreviations to be used in each part and establishes the core concept of the Target of Evaluation (TOE). The document describes the evaluation context and the audience to which the evaluation criteria apply, giving users the necessary background. A particular advantage is its introduction of key concepts such as Protection Profiles (PP), PP-Modules, PP-Configurations, packages, Security Targets (ST) and conformance types. These concepts are essential elements for conducting security evaluations systematically, and the document explains how the various security components are organized throughout the model. It also shows how the functional and assurance components provided in ISO/IEC 15408-2 and ISO/IEC 15408-3 can be tailored through permitted operations. This is accompanied by general guidance on the evaluation methods of ISO/IEC 18045, together with specific information on each evaluation methodology. In addition, general information on the pre-defined Evaluation Assurance Levels (EALs) and on the scope of evaluation schemes is provided to support an overall understanding of the evaluation process. The guidance on applying ISO/IEC 15408-4 is an essential element in developing evaluation methods (EM) and evaluation activities (EA). In conclusion, EN ISO/IEC 15408-1:2023 plays a pivotal role in setting evaluation criteria for IT security and cybersecurity protection and provides indispensable guidance to evaluators and related stakeholders. The standard is well suited to evaluating the security properties of IT products in the current situation, where the importance of cybersecurity and personal data protection continues to grow.

EN ISO/IEC 15408-1:2023 is a fundamentally important document for the evaluation of IT security and lays down the general concepts and principles for the evaluated security properties of IT products. The standard serves as an introduction to the whole ISO/IEC 15408 series and is therefore of considerable relevance to professionals in information technology, cybersecurity and data protection. An outstanding aspect of this standard is the clear definition of the Target of Evaluation (TOE), which sets the frame for the security evaluation and makes it possible to evaluate specific security properties systematically. In addition, the document gives an overview of the various parts of the ISO/IEC 15408 series, which considerably reduces the complexity of the subject and eases access for users. The standard highlights key concepts such as Protection Profiles (PP), PP-Modules, PP-Configurations and Security Targets (ST). These definitions are essential because they promote a uniform language and a shared understanding, which improves consistency in the evaluation of IT security products. The detailed description of the security components within the model also shows how these components are organized and interact to create a robust security architecture. Particularly noteworthy is the approach to tailoring functional and assurance components, which can be modified through permitted operations in accordance with ISO/IEC 15408-2 and ISO/IEC 15408-3. This allows a flexible, needs-based evaluation that can be adapted to different products and their specific security requirements. The standard also provides general information on the evaluation methods described in ISO/IEC 18045, which in turn supports the use of standardized procedures for security evaluation.
Another valuable point of the standard is the guidance on applying ISO/IEC 15408-4 to develop evaluation methods (EM) and evaluation activities (EA). In particular, the pre-defined Evaluation Assurance Levels (EALs) according to ISO/IEC 15408-5 are clearly outlined, which considerably simplifies and standardizes the evaluation of security requirements. Overall, EN ISO/IEC 15408-1:2023 offers a comprehensive, well-structured framework that is of great importance to evaluators and to manufacturers of IT security products alike. The standard not only promotes a better understanding of security evaluation criteria but also ensures that this area is approached in a standardized and efficient manner.

EN ISO/IEC 15408-1:2023 is a standard document that establishes the basic concepts and principles of IT security evaluation and defines the general model to be used as the basis for evaluating the security properties of IT products. The standard clarifies the evaluation criteria related to IT security, cybersecurity and privacy protection, and emphasizes its importance and relevance for users. The document outlines each part of the ISO/IEC 15408 series and establishes the core concept of the Target of Evaluation (TOE). It also describes in detail the audience to which the evaluation criteria are addressed and the evaluation context. Specifically, it introduces important concepts such as Protection Profiles (PP), PP-Modules, PP-Configurations, Security Targets (ST) and conformance types. ISO/IEC 15408-1:2023 explains the overall model through the organization of security components, and also provides the means to tailor the functional and assurance components given in ISO/IEC 15408-2 and ISO/IEC 15408-3 through permitted operations. This flexibility makes it possible to evaluate a wide variety of IT products. Furthermore, general information about the evaluation methods based on ISO/IEC 18045 is presented, and guidance on the application of ISO/IEC 15408-4 is included. This facilitates the development of evaluation methods (EM) and evaluation activities (EA) and makes it possible to design concrete evaluation processes. Information about the Evaluation Assurance Levels (EAL) defined in ISO/IEC 15408-5 is also included, and the scope of evaluation schemes is described in detail. In this way, EN ISO/IEC 15408-1:2023 is a standard that is extremely important to the various stakeholders in the industry and serves as practical guidance by providing a comprehensive framework for IT security evaluation. The adoption of this standard in security evaluation criteria increases the trustworthiness of products and services and contributes to improving information security.

The EN ISO/IEC 15408-1:2023 standard stands out for its exhaustive approach to the evaluation of information technology security. Its scope is clearly defined, providing a general framework for evaluating the security properties of IT products. By establishing fundamental concepts and principles, this standard constitutes a solid basis for security evaluations. Among its notable strengths is the introduction of key concepts such as Protection Profiles (PP) and Security Targets (ST), which facilitate the understanding and application of the evaluation criteria. The organization of security components within the model is clearly described, which makes the standard accessible both to experts and to newcomers to the field of cybersecurity. In addition, the standard offers general information on the evaluation methods given in ISO/IEC 18045, as well as guidelines for the application of ISO/IEC 15408-4, contributing to the development of evaluation methods and activities. This interconnection between the different parts of the standard and other related standards further enriches the document, reinforcing its relevance in the wider context of information security and privacy protection. Another essential aspect is the reference to the Evaluation Assurance Levels (EAL) pre-defined in ISO/IEC 15408-5, which makes it possible to position evaluation requirements against standard security criteria. This offers transparency and a frame of reference for actors in the sector who wish to evaluate and certify their IT products according to established standards.
In short, the EN ISO/IEC 15408-1:2023 standard is a fundamental document that offers a clear and coherent structure for security evaluations, thereby ensuring adequate protection against threats to cybersecurity and privacy, while maintaining an integral link with the other parts of the ISO/IEC 15408 series.

The EN ISO/IEC 15408-1:2023 standard establishes the general concepts and principles of IT security evaluation and specifies the general model of the standard as a whole, which is designed to be used as the basis for evaluating the security properties of IT products. This document provides an overview of all parts of the ISO/IEC 15408 series, defines the terms and abbreviations to be used in all parts of the standard, and establishes the core concept of the Target of Evaluation (TOE). One of the main strengths of this standard is its clear introduction of core concepts such as Protection Profiles (PP), PP-Modules, PP-Configurations, packages, Security Targets (ST) and conformance types. This is a great help in understanding the basic security concepts needed to evaluate IT products. It also describes the organization of security components throughout the model and presents the various operations by which the functional and assurance components given in ISO/IEC 15408-2 and ISO/IEC 15408-3 can be tailored through permitted operations. The document also provides general information about the evaluation methods given in ISO/IEC 18045 and, building on this, presents guidance for applying ISO/IEC 15408-4, giving useful material for developing evaluation methods (EM) and evaluation activities (EA). General information about the pre-defined Evaluation Assurance Levels (EALs) defined in ISO/IEC 15408-5 is also included. The ISO/IEC 15408-1:2023 standard sets up a structural framework for effectively disseminating security evaluation criteria while meeting technical requirements. By also providing information related to the scope of evaluation schemes, and thereby giving clear guidance for the evaluation process, it further underlines its importance in the fields of information security and cybersecurity. In doing so, it contributes to raising the trustworthiness of IT security evaluation.

The EN ISO/IEC 15408-1:2023 standard, titled "Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 1: Introduction and general model," serves as a foundational document for the evaluation of IT security products. Its scope encompasses the establishment of fundamental concepts and principles that underpin IT security evaluation, setting the groundwork for a comprehensive evaluation model that is elaborated upon in subsequent parts of this standard. One of the primary strengths of this standard is its thorough overview of the ISO/IEC 15408 series, clearly outlining the interconnectedness of its various components. It effectively defines key terms and abbreviations, ensuring clarity and consistency in communication among stakeholders involved in IT security evaluations. This is particularly important in a field where precise terminology and shared understanding are critical for successful collaboration and compliance. The introduction of essential concepts such as the Target of Evaluation (TOE), Protection Profiles (PP), Security Targets (ST), and Evaluation Assurance Levels (EALs) highlights the relevance of this document. It not only serves as a primer for professionals new to IT security evaluation but also reinforces the foundational knowledge necessary for seasoned experts. The organization of security components across the model provides a structured approach to understanding the evaluation process, thus facilitating the application of its principles in real-world scenarios. Furthermore, the standard addresses the evaluation methods outlined in ISO/IEC 18045, offering guidance for developing Evaluation Methods (EM) and Evaluation Activities (EA) based on these established criteria. 
This aspect of the standard is particularly advantageous as it promotes a cohesive methodology for evaluating security properties, thereby enhancing the reliability of assessments and reinforcing the robustness of IT security practices. Overall, EN ISO/IEC 15408-1:2023 stands out for its structured framework, comprehensive coverage of evaluation aspects, and its intrinsic relevance to current practices in information security, cybersecurity, and privacy protection. This standard is an essential reference point for practitioners aiming to navigate the complexities of IT security evaluations effectively.

The document SIST EN ISO/IEC 15408-1:2024 is an essential reference in the field of information security, cybersecurity and privacy protection. This standard sets out the general concepts and principles of IT security evaluation, thereby offering a coherent and systematic model for evaluating the security properties of IT products. One of the major strengths of this standard lies in its ability to bring together all the parts of the ISO/IEC 15408 series. It presents clearly and in a structured way the various elements that must be taken into account when evaluating products, in particular Protection Profiles (PP), PP-Modules and PP-Configurations, and Security Targets (ST). This integrated approach gives evaluators a robust framework and a standardized terminology, making the evaluation criteria easier to understand and to implement. The document also addresses the evaluation context by specifying the intended audience, which is crucial for applying the evaluation criteria appropriately. The basic security concepts presented form a necessary body of knowledge that enriches the process of evaluating IT products. Another strong point is the description of the operations that allow the functional and assurance components, which are treated in other parts of the standard (ISO/IEC 15408-2 and ISO/IEC 15408-3), to be tailored. This allows flexibility in the use of evaluation methods while respecting the pre-established frameworks. In addition, the Evaluation Assurance Levels (EAL) defined in the standard make it possible to better understand the degree of robustness and confidence associated with each evaluation.
The relevance of SIST EN ISO/IEC 15408-1:2024 extends well beyond mere regulatory compliance; it is an indispensable tool for any organization seeking to guarantee the security and resilience of its IT products in an increasingly complex and threatening environment. In short, this standard is a pillar that structures the security evaluation of information systems while offering methods and tools adapted to the varied requirements of the sector.

The standard EN ISO/IEC 15408-1:2023 provides a comprehensive basis for the evaluation of IT security and is of the utmost importance for developing security requirements for IT products. The document deals with the general concepts and principles of IT security evaluation and defines the general evaluation model used in the various parts of the standard. A key strength of the standard lies in its clear definition of key categories such as Protection Profiles (PP), PP-Modules and Security Targets (ST). These terms are crucial for implementing security evaluation systems and help to create a shared understanding. The organization of the security components in the model is also presented clearly, which helps professionals to understand and navigate the relationships better. The standard further addresses the tailoring of functional and security-related components, which is made possible by the definition of permitted operations. This is particularly relevant because it offers flexibility in applying the standard to different IT products and environments. It also points to the evaluation methods laid down in ISO/IEC 18045 and gives guidance on applying ISO/IEC 15408-4 to develop evaluation methods and activities based on ISO/IEC 18045. Another important aspect is the discussion of the pre-defined Evaluation Assurance Levels (EALs) in ISO/IEC 15408-5. These graded assurance levels give users a clear idea of the security guarantees a product offers and thus promote confidence in security solutions. Overall, the standard EN ISO/IEC 15408-1:2023 is highly relevant for all actors in IT security, including manufacturers, evaluators and end users.
It not only provides a solid basis for security evaluation but also ensures that evaluation processes are consistent and traceable, which is of decisive importance for trust in IT products.