AS ISO IEC 15292 pdf download Information technology—Security techniques—Protection profile registration procedures
This International Standard defines the procedures to be applied by the JTC 1 Registration Authority appointed bythe lSO and IEC councils to maintain a register of Protection Profiles and packages for the purposes of lT securityevaluation. These Protection Profiles and packages are specified in accordance with criteria given inISO/IEC 15408.
The following normative documents contain provisions which, through reference in this text, constitute provisions ofthis International Standard.For dated references, subsequent amendments to,or revisions of,any of thesepublications do not apply. However,parties to agreements based on this International Standard are encouraged toinvestigate the possibility of applying the most recent editions of the normative documents indicated below.Forundated references, the latest edition of the normative document referred to applies.Members of lS0 and IECmaintain registers of currently valid lnternational Standards.
ISO 15408-1，Information technology — Security techniques — Evaluation criteria for lT security — Part 1:lntroduction and general model
ISO 15408-2, Information technology — Security techniques—Evaluation criteria for lT security — Part 2:Securityfunctionality requirements
ISO 15408-3, Information technology— Security techniques —Evaluation criteria for lT security — Part 2: Securityassurance requirements
Procedures for the technical work of lSO/IEC JTC 1
ISO/IEC/ITU ITSIG Guide for the use of lT in the development and delivery of standards
3Terms and definitions
For the purposes of this International Standard, the following terms and definitions apply.
an entity (organisation, individual etc.) which requests the assignment of a register entry and entry label
a declaration by an independent authority operating in accordance with lSO Guide 58,Calibration andtesting laboratory accreditation systems – General requirements for operation and recognition,confimingthat an evaluation pass statement is valid
the naming information that identifies a registered PP or package uniquely
evaluation pass statement
a statement issued by an organisation that performs evaluations against ISOIEC 15408 confirming that aPP has successfully passed assessment against the evaluation criteria given in clause 4 of Part 3 of thatlnternational Standard
JTC 1 Registration Authority
an organisation appointed by the lS0 and lEC councils to register objects in accordance with a JTC 1procedural Standard
a reusable set of either functional or assurance components combined together to satisfy a set of identifiedsecurity objectives (from lSO/IEC 15408-1)
an implementation-independent set of security requirements for a category of lT products or systems thatmeet specific consumer needs (adapted from isoniEC 15408-1)
a set of files (electronic,or a combination of electronic and paper) containing entry labels and theirassociated definitions and related information
the information within a register relating to a specific PP or package