ISO-TR-15443-3-2007.pdf


Reference number ISO/IEC TR 15443-3:2007(E)
© ISO/IEC 2007

TECHNICAL REPORT
ISO/IEC TR 15443-3
First edition 2007-12-15

Information technology - Security techniques - A framework for IT security assurance - Part 3: Analysis of assurance methods

Technologies de l'information - Techniques de sécurité - Un canevas pour l'assurance de la sécurité dans les technologies de l'information - Partie 3: Analyses des méthodes d'assurance

Copyright International Organization for Standardization. Provided by IHS under license with ISO. Licensee=IHS Employees/1111111001, User=Japan, IHS. Not for Resale, 01/01/2008 21:51:18 MST. No reproduction or networking permitted without license from IHS.

PDF disclaimer

This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this area.

Adobe is a trademark of Adobe Systems Incorporated.

Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

COPYRIGHT PROTECTED DOCUMENT

© ISO/IEC 2007. All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.

ISO copyright office
Case postale 56
CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org

Published in Switzerland

Contents (page)

Foreword ..... v
Introduction ..... vi
1 Scope ..... 1
1.1 Purpose ..... 1
1.2 Application ..... 1
1.3 Field of Application ..... 1
1.4 Limitations ..... 1
2 Terms and definitions ..... 1
3 Abbreviated terms ..... 4
4 Understanding Assurance ..... 4
4.1 Setting the assurance goal ..... 4
4.2 Applying assurance methods ..... 7
4.3 Assessing assurance results ..... 12
4.4 Example ..... 14
5 Comparing, selecting and composing assurance ..... 14
5.1 Selecting the assurance approach ..... 14
5.2 Composing assurance methods ..... 16
5.3 Comparing assurance methods ..... 17
5.4 Focus on assurance properties ..... 18
6 Guidance ..... 23
6.1 Developmental Assurance (DA) ..... 24
6.2 Integration Assurance (IA) ..... 25
6.3 Operational Assurance (OA) ..... 29
Annex A Tabular comparisons ..... 33
A.1 Methods and their target groups ..... 33
A.2 Available Assurance Methods ..... 34
Annex B Assurance properties of selected methods ..... 35
B.1 ISO/IEC 15408 ..... 35
B.2 ISO/IEC 19790 ..... 38
B.3 ISO/IEC 21827 ..... 40
B.4 ISO/IEC 13335 ..... 41
B.5 ISO/IEC 27001 and ISO/IEC 27002 ..... 43
B.6 IT Baseline Protection Manual ..... 46
B.7 COBIT ..... 48
B.8 ISO 9000 ..... 50
Annex C Composition of assurance methods ..... 53
C.1 ISO/IEC 15408 + IT Baseline Protection Manual ..... 53
C.2 ISO/IEC 27002 + IT Baseline Protection ..... 53
C.3 ISO/IEC 27001 and ISO/IEC 27002 ..... 53
C.4 ISO/IEC 27002 + ISO 9000 ..... 54
C.5 COBIT + IT Baseline Protection ..... 54
Annex D Case Studies ..... 55
D.1 A chip-card manufacturer's assurance composition strategy ..... 55
D.2 A service provider assures the upgrade of business processes ..... 56
Annex E Determination of the assurance goal ..... 57
E.1 Risk Assessment ..... 57
E.2 Risk Management ..... 57
E.3 Security Model ..... 58
E.4 Organizational security policy ..... 59
E.5 Applicable Assurance goal ..... 60
E.6 Security Measures ..... 60
E.7 Example: ISO/IEC 15408 ..... 61
Bibliography ..... 62

Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.

In exceptional circumstances, the joint technical committee may propose the publication of a Technical Report of one of the following types:

- type 1, when the required support cannot be obtained for the publication of an International Standard, despite repeated efforts;
- type 2, when the subject is still under technical development or where for any other reason there is the future but not immediate possibility of an agreement on an International Standard;
- type 3, when the joint technical committee has collected data of a different kind from that which is normally published as an International Standard ("state of the art", for example).

Technical Reports of types 1 and 2 are subject to review within three years of publication, to decide whether they can be transformed into International Standards. Technical Reports of type 3 do not necessarily have to be reviewed until the data they provide are considered to be no longer valid or useful.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.

ISO/IEC TR 15443-3, which is a Technical Report of type 3, was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques.

ISO/IEC TR 15443 consists of the following parts, under the general title Information technology - Security techniques - A framework for IT security assurance:

- Part 1: Overview and framework
- Part 2: Assurance methods
- Part 3: Analysis of assurance methods

Introduction

The objective of this Technical Report is to present a variety of assurance methods, and to guide the IT Security Professional in the selection of an appropriate assurance method (or combination of methods) to achieve confidence that a given deliverable satisfies its stated IT security assurance requirements. This report examines assurance methods and approaches proposed by various types of organisations, whether they are approved or de-facto standards.

In pursuit of this objective, this Technical Report comprises the following:

- a framework model to position existing assurance methods and to show their relationships;
- a collection of assurance methods, their description and reference;
- a presentation of common and unique properties specific to assurance methods;
- qualitative, and where possible, quantitative comparison of existing assurance methods;
- identification of assurance schemes currently associated with assurance methods;
- a description of relationships between the different assurance methods; and
- guidance to the application, composition and recognition of assurance methods.

This Technical Report is organised in three parts to address the assurance approach, analysis, and relationships as follows:

Part 1: Overview and framework provides an overview of the fundamental concepts and general description of assurance methods. This material is aimed at understanding Part 2 and Part 3 of this Technical Report. Part 1 targets IT security managers and others responsible for developing a security assurance program, determining the security assurance of their deliverable, entering an assurance assessment audit (e.g. ISO 9000, ISO/IEC 21827, ISO/IEC 15408-3), or other assurance activities.

Part 2: Assurance methods describes a variety of assurance methods and approaches and relates them to the security assurance framework model of Part 1. The emphasis is to identify qualitative properties of the assurance methods that contribute to assurance. This material is catering to an IT security professional for the understanding of how to obtain assurance in a given life cycle stage of a deliverable.

Part 3: Analysis of assurance methods analyses the various assurance methods with respect to their assurance properties. The analysis will aid the Assurance Authority in deciding the relative value of each Assurance Approach and determining the assurance approach(es) that will provide the assurance results most appropriate to their needs within the specific context of their operating environment. Furthermore, the analysis will also aid the Assurance Authority to use the assurance results to achieve the desired confidence in the deliverable. The material in this part targets the IT security professional who needs to select assurance methods and approaches.

This Technical Report analyses assurance methods that may not be unique to IT security; however, guidance given in this Technical Report will be limited to IT security requirements. Similarly, additional terms and concepts defined in other International standardisation initiatives (i.e. CASCO) and International guides (e.g. ISO/IEC Guide 2) will be incorporated; however, guidance will be provided specific to the field of IT security and is not intended for general quality management and assessment, or IT conformity.

TECHNICAL REPORT ISO/IEC TR 15443-3:2007(E)

Information technology - Security techniques - A framework for IT security assurance - Part 3: Analysis of assurance methods

1 Scope

1.1 Purpose

The purpose of this part of ISO/IEC TR 15443 is to provide general guidance to an assurance authority in the choice of the appropriate type of international communications technology (ICT) assurance methods and to lay the framework for the analysis of specific assurance methods for specific environments.

1.2 Application

This part of ISO/IEC TR 15443 will allow the user to match specific assurance requirements and/or typical assurance situations with the general characteristics offered by available assurance methods.

1.3 Field of Application

The guidance of this part of ISO/IEC TR 15443 is applicable to the development, implementation and operation of ICT products and ICT systems with security requirements.

1.4 Limitations

Security requirements may be complex, assurance methods are of great diversity, and organisational resources and cultures differ considerably. Therefore the advice given in this part of ISO/IEC TR 15443 will be qualitative and summary, and the user may need to analyse on his own which methods presented in Part 2 of this Technical Report will suit best his specific deliverables and organisational security requirements.

2 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO/IEC TR 15443-1, ISO/IEC TR 15443-2 and the following apply.

2.1 assets
anything that has value to the organization

2.2 assessment
systematic examination of the extent to which an entity is capable of fulfilling specified requirements; synonymous to evaluation when applied to a deliverable
[ISO/IEC 14598-1]

2.3 assessment method
action of applying specific documented assessment criteria to a deliverable for the purpose of determining acceptance or release of that deliverable

2.4 assurance authority
person or organisation delegated the authority for decisions (i.e. selection, specification, acceptance, enforcement) related to a deliverable's assurance that ultimately leads to the establishment of confidence in the deliverable
NOTE In specific schemes or organisations, the term for assurance authority could be different, such as evaluation authority.

2.5 assurance administrator
responsible (accountable) person for the selection, implementation, or acceptance of a deliverable

2.6 assurance goal
overall security expectations to be satisfied through application of formal and informal assessment activities

2.7 assurance concern
general type of assurance objective pursued by a major group of assurance authorities
NOTE In this part of ISO/IEC TR 15443, assurance concern is used for the purpose of establishing analyses and conclusions for assurance guidance given to that group of users.

2.8 deliverable
IT security product, system, service, p
