AS ISO IEC 15292 pdf download

AS ISO IEC 15292 pdf download Information technology—Security techniques—Protection profile registration procedures
1 Scope
This International Standard defines the procedures to be applied by the JTC 1 Registration Authority appointed bythe lSO and IEC councils to maintain a register of Protection Profiles and packages for the purposes of lT securityevaluation. These Protection Profiles and packages are specified in accordance with criteria given inISO/IEC 15408.
2Normative references
The following normative documents contain provisions which, through reference in this text, constitute provisions ofthis International Standard.For dated references, subsequent amendments to,or revisions of,any of thesepublications do not apply. However,parties to agreements based on this International Standard are encouraged toinvestigate the possibility of applying the most recent editions of the normative documents indicated below.Forundated references, the latest edition of the normative document referred to applies.Members of lS0 and IECmaintain registers of currently valid lnternational Standards.
ISO 15408-1，Information technology — Security techniques — Evaluation criteria for lT security — Part 1:lntroduction and general model
ISO 15408-2, Information technology — Security techniques—Evaluation criteria for lT security — Part 2:Securityfunctionality requirements
ISO 15408-3, Information technology— Security techniques —Evaluation criteria for lT security — Part 2: Securityassurance requirements
Procedures for the technical work of lSO/IEC JTC 1
ISO/IEC/ITU ITSIG Guide for the use of lT in the development and delivery of standards
3Terms and definitions
For the purposes of this International Standard, the following terms and definitions apply.
3.1
applicant
an entity (organisation, individual etc.) which requests the assignment of a register entry and entry label
3.2
certificate
a declaration by an independent authority operating in accordance with lSO Guide 58,Calibration andtesting laboratory accreditation systems – General requirements for operation and recognition,confimingthat an evaluation pass statement is valid
3.3
entry label
the naming information that identifies a registered PP or package uniquely
3.4
evaluation pass statement
a statement issued by an organisation that performs evaluations against ISOIEC 15408 confirming that aPP has successfully passed assessment against the evaluation criteria given in clause 4 of Part 3 of thatlnternational Standard
3.5
JTC 1 Registration Authority
an organisation appointed by the lS0 and lEC councils to register objects in accordance with a JTC 1procedural Standard
3.6
package
a reusable set of either functional or assurance components combined together to satisfy a set of identifiedsecurity objectives (from lSO/IEC 15408-1)
3.7
Protection Profile
an implementation-independent set of security requirements for a category of lT products or systems thatmeet specific consumer needs (adapted from isoniEC 15408-1)
3.8
register
a set of files (electronic,or a combination of electronic and paper) containing entry labels and theirassociated definitions and related information
3.9
register entry
the information within a register relating to a specific PP or package