Protection profile: Difference between revisions
imported>Unknown user No edit summary |
imported>Unknown user No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{LanguageHeader|en}} | {{LanguageHeader|en}} | ||
{{CyberTerm|definition=A minimal, baseline set of requirements targeted at mitigating well defined and described threats. The term Protection Profile refers to NSA/NIAP requirements for a technology and does not imply or require the use of Common Criteria as the process for evaluating a product. Protection Profiles may be created by Technical Communities and will include: - a set of technology-specific threats derived from operational knowledge and technical expertise; - a set of core functional requirements necessary to mitigate those threats and establish a basic level of security for a particular technology; and, - a collection of assurance activities tailored to the technology and functional requirements that are transparent, and produce achievable, repeatable, and testable results scoped such that they can be completed within a reasonable timeframe.|source=CNSSI 4009-2015}} | {{CyberTerm|definition=A minimal, baseline set of requirements targeted at mitigating well defined and described threats. The term Protection Profile refers to NSA/NIAP requirements for a technology and does not imply or require the use of Common Criteria as the process for evaluating a product. Protection Profiles may be created by Technical Communities and will include: | ||
- a set of technology-specific threats derived from operational knowledge and technical expertise; | |||
- a set of core functional requirements necessary to mitigate those threats and establish a basic level of security for a particular technology; and, | |||
- a collection of assurance activities tailored to the technology and functional requirements that are transparent, and produce achievable, repeatable, and testable results scoped such that they can be completed within a reasonable timeframe.|source=CNSSI 4009-2015}} | |||
Latest revision as of 00:24, 20 January 2026
Protection profile
A minimal, baseline set of requirements targeted at mitigating well defined and described threats. The term Protection Profile refers to NSA/NIAP requirements for a technology and does not imply or require the use of Common Criteria as the process for evaluating a product. Protection Profiles may be created by Technical Communities and will include: - a set of technology-specific threats derived from operational knowledge and technical expertise; - a set of core functional requirements necessary to mitigate those threats and establish a basic level of security for a particular technology; and, - a collection of assurance activities tailored to the technology and functional requirements that are transparent, and produce achievable, repeatable, and testable results scoped such that they can be completed within a reasonable timeframe.
Source: CNSSI 4009-2015 | Category: