Military Standard of the People's Republic of China-Commission of Science,Technology and Industry for National Defence
Latest
GJB 5371.2-2005
Scope
The security functional components defined in this section are the basis for TOE IT security functional requirements expressed in protection profiles (PP) or security objectives (ST). These requirements describe the expected security behavior of the object of evaluation (TOE) in order to meet the security objectives stated in the PP or ST. These requirements describe security features that can be detected by the user through direct interaction with the TOE (ie input, output) or through the TOE's response to stimuli. The Security Functional Component expresses the requirements for combating threats in the assumed TOE operating environment, or involves all identified organizational security policies and assumptions. The readers of this section include users, developers and evaluators of secure IT systems and products. Chapter 3 of Part 1 of GJB 5371 provides additional information about the target readers of this part and the use of this part by these target readers. These readers may use this section as follows: - users, when selecting components to express functional requirements to meet security purposes in PP or ST, use this section. 4.3 of Part 1 of GJB 5371 gives detailed information on the relationship between security objectives and security requirements. - Developers, when establishing a TOE for actual or anticipated user security requirements, can find a standardized approach to understanding these security requirements in this section. They can also use the contents of this standard as a basis for further defining TOE security functions and mechanisms that meet these requirements. - The evaluator, using the functional requirements defined in this part of ISO 13001, verifies whether the TOE functional requirements in the PP or ST meet the IT security objectives and shall consider whether all dependencies are satisfied. Evaluators should also use this section to help determine that a given TOE meets the stated requirements. 1.1 Extension and maintenance of functional requirements 1.2 Structure of this part 1.3 Examples of functional requirements
GJB 5371.2-2005 history
2005GJB 5371.2-2005 Evaluation criteria for IT security Part 2:Security functional requirements