标准号:ISO/IEC TR 15443-1-2005
实施状态:作废
中文名称:信息技术.安全技术.IT安全保障框架.第1部分:总揽和框架
英文名称:Information technology - Security techniques - A framework for IT security assurance - Part 1: Overview and framework
发布日期:2005-02
被替代标准:ISO/IEC TR 15443-1-2012
采用标准:ANSI/INCITS/ISO/IEC TR 15443-1-2009,IDT;CAN/CSA-ISO/IEC TR 15443-1-06-2006,IDT
起草单位:ISO/IEC JTC 1/SC 27
标准简介:Purpose
The purpose of this part of ISO/IEC TR 15443 is to introduce, relate and categorise security assurance
methods to a generic life cycle model in a manner enabling an increased level of confidence to be obtained in
the security functionality of a deliverable.
Approach
The approach adopted throughout this part of ISO/IEC TR 15443 presents an overview of the basic assurance
concepts and terms required for understanding and applying assurance methods through a framework of
identifying various assurance approaches and assurance stages.
Application
Using the categorisation obtained through this part of ISO/IEC TR 15443, Part 2 and the future Part 3 will
guide the reader in the selection, and possible combination, of the assurance method(s) suitable for
application to a given deliverable.
Field of Application
This part of ISO/IEC TR 15443 provides guidance for the categorisation of assurance methods including those
not unique to IT security. It may be used in areas outside of IT security where criticality warrants assurance.
Limitations
This part of ISO/IEC TR 15443 applies to deliverables (refer to Clause 4.3) and their related organisational
security issues only.
文件格式:PDF
文件大小:285.85KB
文件页数:30
(以上信息更新时间为:2019-11-22)
ISO_IEC TR 15443-1-2005 信息技术.安全技术.IT安全保障框架.第1部分_总揽和框架.pdf
(285.85 KB)
|
|
