[EMAIL PROTECTED] (Walt Farrell) writes:

> I'll agree that things are generally different above EAL4, but in my
> experience typically because the mutual recognition agreements apply only at
> EAL4 and lower. And because (I think) in the US you may need the NSA
> involved in evaluations at EAL5 and higher.
>
> But in my experience you can add functional and assurance claims and still
> meet any EAL level you want. So I don't quite understand why you couldn't
> have gotten an EAL5 evaluation, but obviously I don't have all the details.
>
> What you can't do is change the basic nature of the assurance claims. Each
> assurance level (EAL1, EAL2, etc.) has a prescribed set of assurance claims
> that you need to satisfy. The Common Criteria allows some small intended
> kinds of modifications (selection from a specified list of actions,
> specification of a list of objects or users, etc.). But you're not allowed
> to take one of the standard claims and modify the wording to say something
> else. And as I understand it that's what the authors of the SKPP protection
> profile did. I believe they did so to make the claims better (stronger), as
> they see it, for their intended usage. But the changes make the profile no
> longer EAL6, or EAL6+ (since they included some EAL7 items) but really
> "designed to be like EAL6".
>
> That's not to say it's a bad or improper protection profile. But I don't
> think it's correct to call it EAL6+ (which is probably why the protection
> profile authors and the security target authors did not call their works
> EAL6+).
re:
http://www.garlic.com/~lynn/2008q.html#63 EAL5 Certification for z10 Enterprise Class Server

that is a separate issue ... in theory, common criteria & EAL is a replacement for "rainbow books" and "orange book" evaluation. I've characterized "orange book" as criteria evaluating for a general, multi-user, multi-purpose system. This was hard &/or impossible to achieve for many ... and the case was made that a lot of stuff was much more special purpose and didn't need to meet all the requirements for a general purpose system. thus was born common criteria and a plethora of "protection profiles".

four yrs ago there was a report about 64 or so systems that had received EAL2 evaluation and that 60-some had undisclosed modifications to the standard protection profile ... which defeated the purpose of using the evaluations for comparing different products.

for other drift for AADS ... i've claimed that possibly 95% of the "standard" smartcard protection profile (as opposed to pure chip protection profile) ... has to do with assurance related to loading software on a chip. since AADS-based chipcard has no provisions for loading software ... most of smartcard protection profile is superfluous.

old thread mentioning EAL5 for PR/SM and mentioning I was looking for EAL5 evaluation criteria for EC/DSA (after NIST had withdrawn the draft specification):
http://www.garlic.com/~lynn/2004m.html#41 EAL5
http://www.garlic.com/~lynn/2004m.html#49 EAL5
http://www.garlic.com/~lynn/2004m.html#50 EAL5

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

