Common Criteria
Edit me
Common Criteria –> objective evaluation to validate that a product/system satisfies a set of sec reqs
- supersedes the two below
- EAL7 (strongest) to EAL0
TCSEC –> structured set of criteria for evaluating computer sec within products & systems
- A1 (strongest) –> D (no protection
ITSEC –> attempt to create sec evaluation criteria in Europe
- F-B3 + E6 (strongest) to F-D+E0 (no protection)