CAN CSA-ISO IEC 15408-3-2009 Information technology Security techniques Evaluation criteria for IT security Part 3 Security assurance components.pdf

上传人:explodesoak291 文档编号:590601 上传时间:2018-12-15 格式:PDF 页数:196 大小:3.44MB
下载 相关 举报
CAN CSA-ISO IEC 15408-3-2009 Information technology  Security techniques  Evaluation criteria for IT security  Part 3 Security assurance components.pdf_第1页
第1页 / 共196页
CAN CSA-ISO IEC 15408-3-2009 Information technology  Security techniques  Evaluation criteria for IT security  Part 3 Security assurance components.pdf_第2页
第2页 / 共196页
CAN CSA-ISO IEC 15408-3-2009 Information technology  Security techniques  Evaluation criteria for IT security  Part 3 Security assurance components.pdf_第3页
第3页 / 共196页
CAN CSA-ISO IEC 15408-3-2009 Information technology  Security techniques  Evaluation criteria for IT security  Part 3 Security assurance components.pdf_第4页
第4页 / 共196页
CAN CSA-ISO IEC 15408-3-2009 Information technology  Security techniques  Evaluation criteria for IT security  Part 3 Security assurance components.pdf_第5页
第5页 / 共196页
亲,该文档总共196页,到这儿已超出免费预览范围,如果喜欢就下载吧!
资源描述

1、Information technology Security techniques Evaluation criteria for IT security Part 3: Security assurance componentsCAN/CSA-ISO/IEC 15408-3-09National Standard of Canada(ISO/IEC 15408-3:2008, IDT)NOT FOR RESALE.PUBLICATION NON DESTINE LA REVENTE.Legal Notice for StandardsCanadian Standards Associati

2、on (CSA) standards are developed through a consensus standards development process approved by the Standards Council of Canada. This process brings together volunteers representing varied viewpoints and interests to achieve consensus and develop a standard. Although CSA administers the process and e

3、stablishes rules to promote fairness in achieving consensus, it does not independently test, evaluate, or verify the content of standards.Disclaimer and exclusion of liabilityThis document is provided without any representations, warranties, or conditions of any kind, express or implied, including,

4、without limitation, implied warranties or conditions concerning this documents fitness for a particular purpose or use, its merchantability, or its non-infringement of any third partys intellectual property rights. CSA does not warrant the accuracy, completeness, or currency of any of the informatio

5、n published in this document. CSA makes no representations or warranties regarding this documents compliance with any applicable statute, rule, or regulation. IN NO EVENT SHALL CSA, ITS VOLUNTEERS, MEMBERS, SUBSIDIARIES, OR AFFILIATED COMPANIES, OR THEIR EMPLOYEES, DIRECTORS, OR OFFICERS, BE LIABLE

6、FOR ANY DIRECT, INDIRECT, OR INCIDENTAL DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES, HOWSOEVER CAUSED, INCLUDING BUT NOT LIMITED TO SPECIAL OR CONSEQUENTIAL DAMAGES, LOST REVENUE, BUSINESS INTERRUPTION, LOST OR DAMAGED DATA, OR ANY OTHER COMMERCIAL OR ECONOMIC LOSS, WHETHER BASED IN CONTRACT, TORT (IN

7、CLUDING NEGLIGENCE), OR ANY OTHER THEORY OF LIABILITY, ARISING OUT OF OR RESULTING FROM ACCESS TO OR POSSESSION OR USE OF THIS DOCUMENT, EVEN IF CSA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES.In publishing and making this document available, CSA is not unde

8、rtaking to render professional or other services for or on behalf of any person or entity or to perform any duty owed by any person or entity to another person or entity. The information in this document is directed to those who have the appropriate degree of experience to use and apply its contents

9、, and CSA accepts no responsibility whatsoever arising in any way from any and all use of or reliance on the information contained in this document. CSA is a private not-for-profit company that publishes voluntary standards and related documents. CSA has no power, nor does it undertake, to enforce c

10、ompliance with the contents of the standards or other documents it publishes. Intellectual property rights and ownershipAs between CSA and the users of this document (whether it be in printed or electronic form), CSA is the owner, or the authorized licensee, of all works contained herein that are pr

11、otected by copyright, all trade-marks (except as otherwise noted to the contrary), and all inventions and trade secrets that may be contained in this document, whether or not such inventions and trade secrets are protected by patents and applications for patents. Without limitation, the unauthorized

12、 use, modification, copying, or disclosure of this document may violate laws that protect CSAs and/or others intellectual property and may give rise to a right in CSA and/or others to seek legal redress for such use, modification, copying, or disclosure. To the extent permitted by licence or by law,

13、 CSA reserves all intellectual property rights in this document.Patent rightsAttention is drawn to the possibility that some of the elements of this standard may be the subject of patent rights. CSA shall not be held responsible for identifying any or all such patent rights. Users of this standard a

14、re expressly advised that determination of the validity of any such patent rights is entirely their own responsibility.Authorized use of this documentThis document is being provided by CSA for informational and non-commercial use only. The user of this document is authorized to do only the following

15、:If this document is in electronic form:.load this document onto a computer for the sole purpose of reviewing it;.search and browse this document; and.print this document if it is in PDF format. Limited copies of this document in print or paper form may be distributed only to persons who are authori

16、zed by CSA to have such copies, and only if this Legal Notice appears on each such copy.In addition, users may not and may not permit others to.alter this document in any way or remove this Legal Notice from the attached standard;.sell this document without authorization from CSA; or.make an electro

17、nic copy of this document.If you do not agree with any of the terms and conditions contained in this Legal Notice, you may not load or use this document or make any copies of the contents hereof, and if you do make such copies, you are required to destroy them immediately. Use of this document const

18、itutes your acceptance of the terms and conditions of this Legal Notice.CSA Standards Update ServiceCAN/CSA-ISO/IEC 15408-3-09October 2009Title: Information technology Security techniques Evaluation criteria for IT security Part 3: Security assurance componentsPagination: 187 pages (CSA/1CSA/5, ixi,

19、 and 171 text)To register for e-mail notification about any updates to this publicationgo to www.ShopCSA.caclick on E-mail Services under MY ACCOUNTclick on CSA Standards Update ServiceThe List ID that you will need to register for updates to this publication is 2419929.If you require assistance, pl

20、ease e-mail techsupportcsa.ca or call 416-747-2233.Visit CSAs policy on privacy at www.csagroup.org/legal to find out how we protect your personal information.The Canadian Standards Association (CSA),under whose auspices this National Standard hasbeen produced, was chartered in 1919 andaccredited by

21、 the Standards Council of Canadato the National Standards system in 1973. It is anot-for-profit, nonstatutory, voluntary membershipassociation engaged in standards development andcertification activities.CSA standards reflect a national consensus ofproducers and users including manufacturers,consume

22、rs, retailers, unions and professionalorganizations, and governmental agencies. Thestandards are used widely by industry and commerceand often adopted by municipal, provincial, andfederal governments in their regulations, particularlyin the fields of health, safety, building andconstruction, and the

23、 environment.Individuals, companies, and associations acrossCanada indicate their support for CSAs standardsdevelopment by volunteering their time and skillsto CSA Committee work and supporting theAssociations objectives through sustainingmemberships. The more than 7000 committeevolunteers and the 2

24、000 sustaining membershipstogether form CSAs total membership from whichits Directors are chosen. Sustaining membershipsrepresent a major source of income for CSAsstandards development activities.The Association offers certification and testingservices in support of and as an extension to itsstandar

25、ds development activities. To ensure theintegrity of its certification process, the Associationregularly and continually audits and inspects productsthat bear the CSA Mark.In addition to its head office and laboratorycomplex in Toronto, CSA has regional branch officesin major centres across Canada a

26、nd inspection andtesting agencies in eight countries. Since 1919, theAssociation has developed the necessary expertise tomeet its corporate mission: CSA is an independentservice organization whose mission is to provide anopen and effective forum for activities facilitating theexchange of goods and s

27、ervices through the use ofstandards, certification and related services to meetnational and international needs.For further information on CSA services, write toCanadian Standards Association5060 Spectrum Way, Suite 100Mississauga, Ontario, L4W 5N6CanadaThe Standards Council of Canada (SCC) is theco

28、ordinating body of the National StandardsSystem, a coalition of independent, autonomousorganizations working towards the furtherdevelopment and improvement of voluntarystandardization in the national interest.The principal objects of the SCC are to fosterand promote voluntary standardization as a me

29、ansof advancing the national economy, benefiting thehealth, safety, and welfare of the public, assistingand protecting the consumer, facilitating domesticand international trade, and furthering internationalcooperation in the field of standards.A National Standard of Canada (NSC) is a standardprepar

30、ed or reviewed by an accredited StandardsDevelopment Organization (SDO) and approvedby the SCC according to the requirements of CAN-P-2.Approval does not refer to the technical content of thestandard; this remains the continuing responsibility ofthe SDO. An NSC reflects a consensus of a number ofcap

31、able individuals whose collective interests provide,to the greatest practicable extent, a balance ofrepresentation of general interests, producers,regulators, users (including consumers), and otherswith relevant interests, as may be appropriate to thesubject in hand. It normally is a standard which

32、iscapable of making a significant and timely contributionto the national interest.Those who have a need to apply standards areencouraged to use NSCs. These standards are subjectto periodic review. Users of NSCs are cautionedto obtain the latest edition from the SDO whichpublishes the standard.The re

33、sponsibility for approving standards asNational Standards of Canada rests with theStandards Council of Canada270 Albert Street, Suite 200Ottawa, Ontario, K1P 6N7CanadaAlthough the intended primary application of this Standard is stated in its Scope, it is importantto note that it remains the respons

34、ibility of the users to judge its suitability for their particular purpose.Registered trade-mark of Canadian Standards AssociationCette norme est offerte en anglais seulement pour le moment. La CSA publiera la version enfranais ds quelle sera produite par lorganisme rdacteur.Reviewed byNational Stan

35、dard of CanadaPublished in October 2009 by Canadian Standards AssociationA not-for-profit private sector organization5060 Spectrum Way, Suite 100, Mississauga, Ontario, Canada L4W 5N61-800-463-6727 416-747-4044Visit our Online Store at www.ShopCSA.caApproved byStandards Council of CanadaCAN/CSA-ISO/

36、IEC 15408-3-09Information technology Security techniques Evaluation criteria for IT security Part 3: Security assurance componentsPrepared by International Organization for Standardization/ International Electrotechnical CommissionCAN/CSA-ISO/IEC 15408-3-09Information technology Security techniques

37、Evaluationcriteria for IT security Part 3: Security assurance componentsCSA/4 Canadian Standards Association October 2009CAN/CSA-ISO/IEC 15408-3-09Information technology Security techniques Evaluation criteria for IT security Part 3: Security assurance componentsCSA PrefaceStandards development with

38、in the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1)

39、for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).T

40、his Standard supersedes CAN/CSA-ISO/IEC 15408-3-06 (adoption of ISO/IEC 15408-3:2005). At the time of publication, ISO/IEC 15408-3:2008 is available from ISO and IEC in English only. CSA will publish the French version when it becomes available from ISO and IEC.This International Standard was review

41、ed by the CSA TCIT under the jurisdiction of the Strategic Steering Committee on Information Technology and deemed acceptable for use in Canada. From time to time, ISO/IEC may publish addenda, corrigenda, etc. The CSA TCIT will review these documents for approval and publication. For a listing, refe

42、r to the CSA Information Products catalogue or CSA Info Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by the Technical Committee and has been approved as a National Standard of Canada by the Standards Council of Canada.October 2009 Cana

43、dian Standards Association 2009All rights reserved. No part of this publication may be reproduced in any form whatsoever without the prior permission of the publisher. ISO/IEC material is reprinted with permission. Where the words “this International Standard” appear in the text, they should be inte

44、rpreted as “this National Standard of Canada”.Inquiries regarding this National Standard of Canada should be addressed toCanadian Standards Association5060 Spectrum Way, Suite 100, Mississauga, Ontario, Canada L4W 5N61-800-463-6727 416-747-4000www.csa.caTo purchase CSA Standards and related publicat

45、ions, visit CSAs Online Store at www.ShopCSA.ca or call toll-free 1-800-463-6727 or 416-747-4044.CAN/CSA-ISO/IEC 15408-3-09Information technology Security techniques Evaluationcriteria for IT security Part 3: Security assurance componentsOctober 2009 Canadian Standards Association CSA/5CSA Standards

46、 are subject to periodic review, and suggestions for their improvement will be referred to the appropriate committee. To submit a proposal for change to CSA Standards, please send the following information to inquiriescsa.ca and include “Proposal for change” in the subject line:(a) Standard designat

47、ion (number);(b) relevant clause, table, and/or figure number;(c) wording of the proposed change; and(d) rationale for the change.Reference numberISO/IEC 15408-3:2008(E)ISO/IEC 2008INTERNATIONAL STANDARD ISO/IEC15408-3Third edition2008-08-15Information technology Security techniques Evaluation crite

48、ria for IT security Part 3: Security assurance components Technologies de linformation Techniques de scurit Critres dvaluation pour la scurit TI Partie 3: Composants dassurance de scurit ISO/IEC 15408-3:2008(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes li

49、censing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General In

展开阅读全文
相关资源
猜你喜欢
相关搜索

当前位置:首页 > 标准规范 > 国际标准 > 其他

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1