GB/T 18336.2-2001
Information technology--Security techniques--Evaluation criteria for IT security Part 2: Security functional requirements (English Version)

Standard No.
GB/T 18336.2-2001
Language
Chinese, Available in English version
Release Date
2001
Published By
General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China
Status
 2008-11
Replace By
GB/T 18336.2-2008
Latest
GB/T 18336.2-2015
Scope
The security functional components defined in this standard are the basis for TOE IT security functional requirements expressed in protection profiles (PP) or security objectives (ST). These requirements describe the expected security behavior of the object of evaluation (TOE) in order to meet the security objectives stated in the PP or ST. These requirements describe security features that can be detected by the user through direct interaction (i.e. input, output) with the TOE or through the TOE's response to stimuli. The Security Functional Component expresses the requirements for combating threats in the assumed TOE operating environment, or involves all identified organizational security policies and assumptions. The readers of this standard include users, developers and evaluators of secure IT systems and products. Chapter 4 of Part One of GB/T 18336 provides additional information about the target audience of this standard and the use of this standard by these target readers. These audiences may use this International Standard as follows: - users, when selecting components to express functional requirements for safety purposes in PP or ST. Article 5.3 of the first part of GB/T 18336 gives detailed information on the relationship between security objectives and security requirements. - Developers, when building TOEs against actual or anticipated user security requirements, can find in this International Standard a standardized approach to understanding these security requirements. They may also use the content of this standard as a basis for further defining TOE security functions and mechanisms that meet these requirements. - The assessor, using the functional requirements defined in this standard, verifies whether the TOE functional requirements in the PP or ST meet the IT security purpose and shall consider whether all dependencies are satisfied. Evaluators should also use the content of this standard to help determine that a given TOE satisfies the stated requirements

GB/T 18336.2-2001 history

  • 2015 GB/T 18336.2-2015 Information technology.Security techniques.Evaluation criteria for IT security.Part 2: Security functional components
  • 2008 GB/T 18336.2-2008 Information technology. Security techniques. Evaluation criteria for IT security. Part 2: Security functional requirements
  • 2001 GB/T 18336.2-2001 Information technology--Security techniques--Evaluation criteria for IT security Part 2: Security functional requirements
Information technology--Security techniques--Evaluation criteria for IT security Part 2: Security functional requirements

GB/T 18336.2-2001 -All Parts

GB/T 18336.1-2015 Information technology.Security techniques.Evaluation criteria for IT security.Part 1:Introduction and general model GB/T 18336.2-2015 Information technology.Security techniques.Evaluation criteria for IT security.Part 2: Security functional components GB/T 18336.3-2015 Information technology.Security techniques.Evaluation criteria for IT security.Part 3:Security assurance components


Copyright ©2024 All Rights Reserved