BSI PD ISO/IEC TS 19608:2018
$198.66
Guidance for developing security and privacy functional requirements based on ISO/IEC 15408
Published By | Publication Date | Number of Pages |
BSI | 2018 | 58 |
This document provides guidance for:
-
selecting and specifying security functional requirements (SFRs) from ISO/IEC 15408‑2 to protect Personally Identifiable Information (PII);
-
the procedure to define both privacy and security functional requirements in a coordinated manner; and
-
developing privacy functional requirements as extended components based on the privacy principles defined in ISO/IEC 29100 through the paradigm described in ISO/IEC 15408‑2.
The intended audience for this document are:
-
developers who implement products or systems that deal with PII and want to undergo a security evaluation of those products using ISO/IEC 15408. They will get guidance how to select security functional requirements for the Security Target of their product or system that map to the privacy principles defined in ISO/IEC 29100;
-
authors of Protection Profiles that address the protection of PII; and
-
evaluators that use ISO/IEC 15408 and ISO/IEC 18045 for a security evaluation.
This document is intended to be fully consistent with ISO/IEC 15408; however, in the event of any inconsistency between this document and ISO/IEC 15408, the latter, as a normative standard, takes precedence.
Status | Under Review |
---|---|
Pages | 58 |
Publication Date | 2018-10-31 |
ISBN | 978 0 580 93278 6 |
Standard Number | PD ISO/IEC TS 19608:2018 |
Title | Guidance for developing security and privacy functional requirements based on ISO/IEC 15408 |
Identical National Standard Of | ISO/IEC TS 19608:2018 |
Descriptors | Information technology, Access, Data storage protection, Data security, Security |
Publisher | BSI |
Committee | IST/33/3 |
ICS Codes | 35.030 - IT Security |