ISSUED: 01-Nov-2002    71 pages          

DISPOSITION: Free

SCOPE & PURPOSE: This standard defines a method for evaluting the trust level of software products It provides 7 Evaluation Assurance Levels (EALs) that provide comparative results based on assessment against pre-defined international security controls critieria. In addition, the framework provides for controlling and improving these processes. The standard covers the technical aspects of software development only lightly, providing guidance for management for policy and practices

USER: This standard is for users of technology, to judge the trustworthiness of commecial products, developers to obtain minimum security requirements for different classes of products to achieve desired trust levels, and evaluators, to judge the trust levels of products.

ISSUING ORGANIZATION:  National Institute of Standards and Technology Computer Security Resource Center

ORGINATING COMMITTEEE OR BODY: National Information Assurance Partnership (NIAP)

CATEGORY: Information Security Standard

Back to Standards Comparison