GB/T 18336.2-2001 Information technology--Security techniques--Evaluation criteria for IT security Part 2: Security functional requirements (English Version)
The security functional components defined in this standard are the basis for TOE IT security functional requirements expressed in protection profiles (PP) or security objectives (ST). These requirements describe the expected security behavior of the object of evaluation (TOE) in order to meet the security objectives stated in the PP or ST. These requirements describe security features that can be detected by the user through direct interaction (i.e. input, output) with the TOE or through the TOE's response to stimuli. The Security Functional Component expresses the requirements for combating threats in the assumed TOE operating environment, or involves all identified organizational security policies and assumptions. The readers of this standard include users, developers and evaluators of secure IT systems and products. Chapter 4 of Part One of GB/T 18336 provides additional information about the target audience of this standard and the use of this standard by these target readers. These audiences may use this International Standard as follows: - users, when selecting components to express functional requirements for safety purposes in PP or ST. Article 5.3 of the first part of GB/T 18336 gives detailed information on the relationship between security objectives and security requirements. - Developers, when building TOEs against actual or anticipated user security requirements, can find in this International Standard a standardized approach to understanding these security requirements. They may also use the content of this standard as a basis for further defining TOE security functions and mechanisms that meet these requirements. - The assessor, using the functional requirements defined in this standard, verifies whether the TOE functional requirements in the PP or ST meet the IT security purpose and shall consider whether all dependencies are satisfied. Evaluators should also use the content of this standard to help determine that a given TOE satisfies the stated requirements
GB/T 18336.2-2001 history
2015GB/T 18336.2-2015 Information technology.Security techniques.Evaluation criteria for IT security.Part 2: Security functional components
2008GB/T 18336.2-2008 Information technology. Security techniques. Evaluation criteria for IT security. Part 2: Security functional requirements
2001GB/T 18336.2-2001 Information technology--Security techniques--Evaluation criteria for IT security Part 2: Security functional requirements