IEC

This document provides guidance relating to the construction of Protection Profiles (PPs) and Security Targets (STs) that are intended to be compliant with the third edition of ISO/IEC 15408 (all parts). It is also applicable to PPs and STs compliant with Common Criteria Version 3.1 Revision 4[6], a technically identical standard published by the Common Criteria Management Board, a consortium of governmental organizations involved in IT security evaluation and certification.

This part of ISO/IEC 15946 describes the mathematical background and general techniques necessary for implementing the elliptic curve cryptography mechanisms defined in ISO/IEC 15946-5, ISO/IEC 9796-3, ISO/IEC 11770-3, ISO/IEC 14888-3, ISO/IEC 18033-2 and other ISO/IEC standards.

This International Standard specifies the non-invasive attack mitigation test metrics for determining conformance to the requirements specified in ISO/IEC 19790 for Security Levels 3 and 4. The test metrics are associated with the security functions specified in ISO/IEC 19790. Testing will be conducted at the defined boundary of the cryptographic module and I/O available at its defined boundary.

ISO/IEC 18384-2 describes a Reference Architecture for SOA Solutions which applies to functional design, performance, development, deployment and management of SOA Solutions. It includes a domain-independent framework, addressing functional requirements and non-functional requirements, as well as capabilities and best practices to support those requirements.

ISO/IEC 18384-3 defines a formal ontology for service-oriented architecture (SOA), an architectural style that supports service orientation. The terms defined in this ontology are key terms from the vocabulary in ISO/IEC 18384-1.

Associated with the provision and operation of a Trusted Third Party (TTP) are a number of security-related issues for which general guidance is necessary to assist business entities, developers and providers of systems and services, etc. This includes guidance on issues regarding the roles, positions and relationships of TTPs and the entities using TTP services, the generic security requirements, who should provide what type of security, what the possible security solutions are, and the operational use and management of TTP service security.

This part of ISO/IEC 9796 specifies six digital signature schemes giving message recovery. The security of these schemes is based on the difficulty of the discrete logarithm problem, which is defined on a finite field or an elliptic curve over a finite field.

This part of ISO/IEC 9796 specifies three digital signature schemes giving message recovery, two of which are deterministic (non-randomized) and one of which is randomized. The security of all three schemes is based on the difficulty of factorizing large numbers. All three schemes can provide either total or partial message recovery.

This International Standard specifies a set of check character systems capable of protecting strings against errors which occur when people copy or type data. This International Standard specifies conformance requirements for products described as generating check characters or checking strings using the systems given in this International Standard.

ISO/IEC 18384-3:2016 defines a formal ontology for service-oriented architecture (SOA), an architectural style that supports service orientation. The terms defined in this ontology are key terms from the vocabulary in ISO/IEC 18384-1.

ISO/IEC 18384-2:2016 describes a Reference Architecture for SOA Solutions which applies to functional design, performance, development, deployment and management of SOA Solutions. It includes a domain-independent framework, addressing functional requirements and non-functional requirements, as well as capabilities and best practices to support those requirements.

ISO/IEC 18384-1:2016 establishes vocabulary, guidelines, and general technical principles underlying service oriented architecture (SOA), including principles relating to functional design, performance, development, deployment, and management.