Common Criteria

From FISMApedia
Jump to: navigation, search

CNSSI 4009

Provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems. (International Standard ISO/IEC 5408, Common Criteria for Information Technology Security Evaluation [ITSEC])

NIST SP 800-32

A set of internationally accepted semantic tools and constructs for describing the security needs of customers and the security attributes of products.