GB/T 18336.1-2015: Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model

Delivery: 9 seconds. Download (and Email) true-PDF + Invoice.
Get Quotation: Click GB/T 18336.1-2015 (Self-service in 1-minute)
Newer / historical versions: GB/T 18336.1-2015

Preview True-PDF

Scope

This Part of GB/T 18336 establishes the general concepts and principles of IT security
evaluation and specifies the general model of evaluation given by various parts of the
ISO/IEC 15408 which in its entirety is meant to be used as the basis for evaluation of
security properties of IT products.
It provides an overview of all parts of ISO/IEC 15408.It describes the various parts of the
ISO/IEC 15408; defines the terms and abbreviations to be used in all parts of the ISO/IEC
15408; establishes the core concept of a Target of Evaluation (TOE); the evaluation
context; and describes the audience to which the evaluation criteria are addressed. An
introduction to the basic security concepts necessary for evaluation of IT products is
given.
It defines the various operations by which the functional and assurance components given
in ISO/IEC 15408-2 and ISO/IEC 15408-3 may be tailored through the use of permitted
operations.
The key concepts of protection profiles (PP), packages of security requirements and the
topic of conformance are specified and the consequences of evaluation and evaluation
results are described. This Part of ISO/IEC 15408 gives guidelines for the specification of
Security Targets (ST) and provides a description of the organization of components
throughout the model. General information about the evaluation method and the scope of
evaluation schemes shall be provided in IT safety evaluation methodology.

Basic Data

Standard ID	GB/T 18336.1-2015 (GB/T18336.1-2015)
Description (Translated English)	Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model
Sector / Industry	National Standard (Recommended)
Classification of Chinese Standard	L80
Classification of International Standard	35.040
Word Count Estimation	92,969
Date of Issue	2015-05-15
Date of Implementation	2016-01-01
Older Standard (superseded by this standard)	GB/T 18336.1-2008
Quoted Standard	ISO/IEC 15408-2; ISO/IEC 15408-3; ISO/IEC 18045
Adopted Standard	ISO/IEC 15403-2009, IDT
Regulation (derived from)	National Standard Announcement 2015 No. 15
Issuing agency(ies)	General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary	This Standard specifies the general concepts and principles of IT security evaluation, a detailed description of the general assessment model ISO/IEC 15408 gives each part can be used as the basis of assessment of IT product security attributes of the model as a whole. This section gives the ISO/IEC 15408 for a general overview. It describes the ISO/IEC 15408 for each part; defines terms and abbreviations in ISO/IEC 15408 the parts that will be used to establish the core concept of the evaluation objects (TOE), discusses the assessment of the back catalog, and describes Audience guidelines for the assessment.