ISO/IEC 21827

More documents

Recommendations

Info

ISO/IEC 21827:2002(E) • Integrators; • Acquirers (acquisition organization or end user); • Security evaluation organizations (system certifier, product evaluator, or operation accreditor); • System administrator; • Trusted third parties (certification authority); • Consulting/service organizations. 6.1.4 Security Engineering Life Cycle Security engineering activities are practised during all life cycle phases, including: • Concept stage; • Development stage; • Production stage; • Utilization stage; • Support stage; • Retirement stage. 6.1.5 Security Engineering and Other Disciplines Security engineering activities interface with many other disciplines, including: • Enterprise engineering; • Systems engineering; • Software engineering; • Human factors engineering; • Communications engineering; • Hardware engineering; • Test engineering; • System administration. Note 1: With respect to systems engineering, further information can be found in ISO/IEC 15288 which views security from a systems perspective. Note 2: With respect to software engineering, further information can be found in ISO/IEC 12207:1995 which views security from a software perspective. Security engineering activities must be coordinated with many external entities because assurance and the acceptability of residual operational impacts are established in conjunction with the developer, integrator, acquirer, user, independent evaluator, and other groups. It is these interfaces and the requisite interaction across a broad set of organizations that make security engineering particularly complex and different from other engineering disciplines. 6.1.6 Security Engineering Specialties While Security Engineering and Information Technology Security are very often the driving disciplines in the current security and business environment, other more traditional security disciplines, such as Physical Security and Personnel Security should not be overlooked. Security Engineering will need to draw upon these and many other specialist sub-disciplines if they are to achieve the most efficient and effective results in the performance of their work. The list below gives a few examples of specialty security sub-disciplines likely to be required, along with a short description of each. Examples of security specialty sub-disciplines include: • Operations Security targets the security of the operating environment, and the maintenance of a secure operating posture; • Information Security pertains to information and the maintenance of security of the information during its manipulation and processing; • Network Security involves the protection of network hardware, software, and protocols, including information communicated over networks; • Physical Security focuses on the protection buildings and physical locations; • Personnel Security is related to people, their trustworthiness and their awareness of security concerns; • Administrative Security is related to the administrative aspects of security and security in administrative systems; 8 © ISO/IEC 2002 – All rights reserved
ISO/IEC 21827:2002(E) • Communications Security is related to the communication of information between security domains, specifically the protection of information while it is being moved through the transport medium; • Emanation Security deals with undesired signals generated by all machines that can transmit information outside the security domain; • Computer Security deals specifically with the security computing devices of all types. 6.2 Security Engineering Process Overview The SSE-CMM® divides security engineering into three basic areas: risk, engineering, and assurance, see figure 1. While these areas are by no means independent from one another, it is possible to consider them separately. At the simplest level, the risk process identifies and prioritizes dangers inherent to the developed product or system. The security engineering process works with the other engineering disciplines to determine and implement solutions to the problems presented by the dangers. Finally, the assurance process establishes confidence in the security solutions and conveys this confidence to the customers. Figure 1 - The security engineering process has three main areas. Together, these three areas work together with the goal of ensuring that the security engineering process results achieve the goals described above. 6.2.1 Risk A major goal of security engineering is the reduction of risk. Risk assessment is the process of identifying problems that have not yet occurred. Risks are assessed by examining the likelihood of the threat and vulnerability and by considering the potential impact of an unwanted incident, see figure 2. Associated with that likelihood is a factor of uncertainty, which will vary dependent upon a particular situation. This means that the likelihood can only be predicted within certain limits. In addition, impact assessed for a particular risk also has associated uncertainty, as the unwanted incident may not turn out as expected. Because the factors may have a large amount of uncertainty as to the accuracy of the predictions associated with them, planning and the justification of security can be very difficult. One way to partially deal with this problem in a cost-effective manner is to implement techniques to detect the occurrence of an unwanted incident. An unwanted incident is made up of three components: threat, vulnerability, and impact. Vulnerabilities are properties of the asset that may be exploited by a threat and include weaknesses. If either the threat or the vulnerability is not present there can be no unwanted incident and thus no risk. Risk management is the process of assessing and © ISO/IEC 2002 – All rights reserved 9
Page 1 and 2: INTERNATIONAL STANDARD ISO/IEC 2182
Page 3 and 4: ISO/IEC 21827:2002(E) Contents Fore
Page 5 and 6: © ISO/IEC 2002 - All rights reserv
Page 7 and 8: ISO/IEC 21827:2002(E) Specific Indu
Page 9 and 10: INTERNATIONAL STANDARD ISO/IEC 2182
Page 11 and 12: ISO/IEC 21827:2002(E) 3.11 Baseline
Page 13 and 14: ISO/IEC 21827:2002(E) 3.36 Validati
Page 15: ISO/IEC 21827:2002(E) 5 Structure o
Page 19 and 20: ISO/IEC 21827:2002(E) Figure 3 - Se
Page 21 and 22: ISO/IEC 21827:2002(E) Figure 5 - Th
Page 23 and 24: ISO/IEC 21827:2002(E) Subsequent co
Page 25 and 26: ISO/IEC 21827:2002(E) • Level 1,
Page 27 and 28: ISO/IEC 21827:2002(E) Table 3 - 218
Page 29 and 30: ISO/IEC 21827:2002(E) of which cont
Page 31 and 32: ISO/IEC 21827:2002(E) • security
Page 33 and 34: ISO/IEC 21827:2002(E) 7.2.1.2 Goals
Page 35 and 36: ISO/IEC 21827:2002(E) 7.2.5.1 Descr
Page 37 and 38: ISO/IEC 21827:2002(E) information f
Page 39 and 40: ISO/IEC 21827:2002(E) 7.3.7 BP.03.0
Page 41 and 42: ISO/IEC 21827:2002(E) 7.4.4.3 Notes
Page 43 and 44: ISO/IEC 21827:2002(E) of existing s
Page 45 and 46: ISO/IEC 21827:2002(E) 7.5.5.1 Descr
Page 47 and 48: ISO/IEC 21827:2002(E) acceptable le
Page 49 and 50: ISO/IEC 21827:2002(E) 7.7.2 BP.07.0
Page 51 and 52: ISO/IEC 21827:2002(E) 7.8.1.3 Base
Page 53 and 54: ISO/IEC 21827:2002(E) response shou
Page 55 and 56: ISO/IEC 21827:2002(E) 7.9 PA09 - Pr
Page 57 and 58: ISO/IEC 21827:2002(E) rules and pra
Page 59 and 60: ISO/IEC 21827:2002(E) 7.10.1.3 Base
Page 61 and 62: ISO/IEC 21827:2002(E) information f
Page 63 and 64: ISO/IEC 21827:2002(E) In the intere
Page 65 and 66: ISO/IEC 21827:2002(E) Annex A (norm
Page 67 and 68:
ISO/IEC 21827:2002(E) A.3.2.1 Commo
Page 69 and 70:
ISO/IEC 21827:2002(E) A.3.2.7.2 Not
Page 71 and 72:
ISO/IEC 21827:2002(E) A.3.5 Common
Page 73 and 74:
ISO/IEC 21827:2002(E) A.4.2.2.3 Rel
Page 75 and 76:
ISO/IEC 21827:2002(E) A.4.4.2.1 Des
Page 77 and 78:
ISO/IEC 21827:2002(E) A.5.2.2.2 Not
Page 79 and 80:
ISO/IEC 21827:2002(E) A.6.2.2.2 Not
Page 81 and 82:
ISO/IEC 21827:2002(E) Annex B (norm
Page 83 and 84:
ISO/IEC 21827:2002(E) B.3.2.1 Descr
Page 85 and 86:
ISO/IEC 21827:2002(E) parameters;
Page 87 and 88:
ISO/IEC 21827:2002(E) B.4.1.5 Proce
Page 89 and 90:
ISO/IEC 21827:2002(E) B.4.5.1 Descr
Page 91 and 92:
ISO/IEC 21827:2002(E) B.5.2.3 Notes
Page 93 and 94:
ISO/IEC 21827:2002(E) B.5.7 BP.14.0
Page 95 and 96:
ISO/IEC 21827:2002(E) B.6.4.2 Examp
Page 97 and 98:
ISO/IEC 21827:2002(E) BP.16.08 BP.1
Page 99 and 100:
ISO/IEC 21827:2002(E) B.7.6.1 Descr
Page 101 and 102:
ISO/IEC 21827:2002(E) B.7.10.2 Exam
Page 103 and 104:
ISO/IEC 21827:2002(E) • process a
Page 105 and 106:
ISO/IEC 21827:2002(E) B.9.1.2 Summa
Page 107 and 108:
ISO/IEC 21827:2002(E) B.9.5.2 Examp
Page 109 and 110:
ISO/IEC 21827:2002(E) B.10.4.2 Exam
Page 111 and 112:
ISO/IEC 21827:2002(E) B.11.2.1 Desc
Page 113 and 114:
ISO/IEC 21827:2002(E) performance.
Page 115 and 116:
ISO/IEC 21827:2002(E) B.12.3 BP.21.
Page 117 and 118:
ISO/IEC 21827:2002(E) B.12.7 BP.21.
Page 119 and 120:
ISO/IEC 21827:2002(E) B.13.2.1 Desc
Page 121 and 122:
ISO/IEC 21827:2002(E) • communica
Page 123 and 124:
ISO/IEC 21827:2002(E) produce the d
Page 125 and 126:
ISO/IEC 21827:2002(E) C.5.2 Organiz
Page 127 and 128:
ISO/IEC 21827:2002(E) C.5.12 Instit
Page 129 and 130:
ISO/IEC 21827:2002(E) Security Engi
Page 131 and 132:
ISO/IEC 21827:2002(E) GOODENOUGH93B
show all

ISO/IEC 21827

Create successful ePaper yourself

Delete template?

Save as template?