ISO/IEC TR 15443-3:2007 信息技术 安全技术 IT安全保障框架 第3部分：保障方法分析

标准编号：ISO/IEC TR 15443-3:2007

中文名称：信息技术 安全技术 IT安全保障框架 第3部分：保障方法分析

英文名称：Information technology — Security techniques — A framework for IT security assurance — Part 3: Analysis of assurance methods

发布日期：2007-12

标准范围

1.1 PurposeThe purpose of this part of ISO/IEC TR 15443 is to provide general guidance to an assurance authority in thechoice of the appropriate type of international communications techology (ICT) assurance methods and to laythe framework for the analysis of specific assurance methods for specific environments.1.2 ApplicationThis part of ISO/IEC TR 15443 will allow the user to match specific assurance requirements and/or typicalassurance situations with the general characteristics offered by available assurance methods.1.3 Field of ApplicationThe guidance of this part of ISO/IEC TR 15443 is applicable to the development, implementation andoperation of ICT products and ICT systems with security requirements.1.4 LimitationsSecurity requirements may be complex, assurance methods are of great diversity, and organisationalresources and cultures differ considerably.Therefore the advice given in this part of ISO/IEC TR 15443 will be qualitative and summary, and the usermay need to analyse on his own which methods presented in Part 2 of this Technical Report will suit best hisspecific deliverables and organisational security requirements.

标准预览图