Home  >  Fourth Edition  >  Chapter 27
Chapter 27 –  Standards for Security Products
     Paul J. Brusil, Ph.D
     Noel Zakin

Chapter Contents:

   27.1    Introduction
   27.2    Security Assessment Standards Associated with Security Implementations
   27.2.1    Security Technology and Product Assessment Standards    Security Proof of Concept Keystone (SPOCK)    VPN Consortium
   27.2.2    Standards for Assessing Security Implementers    Capability Maturity Model    Quality (ISO 9000)
   27.2.3    Combined Product and Product Builder Assessment Standards
   272.3.1    Competing National Criteria Standards    Common, Consolidated Criteria standard
   27.3    Establishing Trust in Products and Systems and Managing Risks
   27.3.1    Why Trust and Risk Management Are Important
   27.3.2    Alternatives Methods of Establishing Trust    Nonstandard trust development alternatives    Standard-based trust development alternatives
   27.4    Common Criteria Paradigm
   27.4.2    Details about the Common Criteria Standard    Models for security profiles    Security functional requirements catalog    Security assurance requirements catalog    Comprehensiveness of requirements catalogs
   27.4.3    Using the Common Criteria Standard to Define Security Requirements and Security Solutions    Profiles and their construction    Security targets    PP/ST development tools
   27.4.4    Defining Common Test Methodology    Common Evaluation Methodology    Benefits of the Common Evaluation Methodology
   27.4.5    Mutual Recognition of Testing and National Testing Schemes    Mutual Recognition Arrangement    National schemes
   27.4.6    Common Criteria Evaluation and Validation Scheme of the United States
   27.4.7    Accredited Testing    Testing products and profiles    Accrediting security testing laboratories
   27.4.8    Testing Validation    Validating test results    Operating and maintaining the validation service
   27.4.9    Recognizing Validated Products and Profiles    Issuing Common Criteria certificates    Posting validations
   27.4.10    Summary
   27.5    Notes

Please report problems to the webmaster at:
copyright 2002-2006, Robert Gezelter, All Rights Reserved