GB/T 18336.1-2015 Information technology—Security techniques—Evaluation criteria for IT security—Part 1: Introduction and general model
Basic Information
Scope
This part of GB/T 18336 establishes the general concepts and principles of IT security assessment, and details the general assessment model presented in the various parts of ISO/IEC 15408. This model can serve as the foundation for evaluating the security attributes of IT products. This part provides an overview of ISO/IEC 15408. It describes the content of the various parts of ISO/IEC 15408; defines the terms and acronyms used in the various parts of ISO/IEC 15408; establishes the core concepts of the target of evaluation (TOE); discusses the assessment context; and describes the readers targeted by the assessment criteria. Additionally, it introduces the basic security concepts required for IT product assessment. This part defines the various operations available when tailoring the functional and assurance components described in ISO/IEC 15408-2 and ISO/IEC 15408-3. It also details key concepts such as protection profiles (PP), security requirement packages, and compliance, and describes the results and conclusions of the assessment. This part of ISO/IEC 15408 provides guidelines for specifying security targets (ST) and describes the component organization method used throughout the entire model. General information about assessment methods and the scope of the assessment system is provided in the IT security assessment methodology.