EN ISO/IEC 15408-2:2026
(Main)Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 2: Security functional components (ISO/IEC 15408-2:2026)
Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 2: Security functional components (ISO/IEC 15408-2:2026)
This document specifies requirements for the required structure and content of security functional components for use during a security evaluation. It includes a catalogue of functional components that meet the common security functionality requirements of many IT products.
Informationssicherheit, Cybersicherheit und Schutz der Privatsphäre - Evaluationskriterien für IT-Sicherheit - Teil 2: Sicherheitsfunktionskomponenten (ISO/IEC 15408-2:2026)
Sécurité de l'information, cybersécurité et protection de la vie privée - Critères d'évaluation pour la sécurité des technologies de l'information - Partie 2: Composants fonctionnels de sécurité (ISO/IEC 15408-2:2026)
Le présent document spécifie les exigences pour la structure requise et le contenu des composants fonctionnels de sécurité au moyen d'une évaluation de sécurité. Il comporte un catalogue des composants fonctionnels qui répondent aux exigences fonctionnelles de sécurité communes à de nombreux produits TI.
Informacijska varnost, kibernetska varnost in varstvo zasebnosti - Merila za vrednotenje varnosti IT - 2. del: Funkcionalne varnostne komponente (ISO/IEC DIS 15408-2:2024)
General Information
- Status
- Not Published
- Publication Date
- 26-May-2026
- Technical Committee
- CEN/CLC/TC 13 - Cybersecurity and Data Protection
- Current Stage
- 6055 - CEN Ratification completed (DOR) - Publishing
- Start Date
- 01-May-2026
- Completion Date
- 01-May-2026
Relations
- Effective Date
- 12-Feb-2026
- Effective Date
- 22-May-2024
Overview
EN ISO/IEC 15408-2:2026 is an essential international standard developed by CEN, specifically addressing information security, cybersecurity, and privacy protection in IT systems. This standard-titled Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 2: Security functional components-defines the necessary structure and content of security functional components used in IT product security evaluations. Central to the widely adopted Common Criteria framework, EN ISO/IEC 15408-2:2026 provides a comprehensive catalogue of security functionalities applicable to various IT environments.
The document ensures that consistent, repeatable, and well-documented criteria are available for assessing the security features of IT products and systems, supporting vendors, evaluators, and users in achieving and maintaining high standards of cybersecurity.
Key Topics
EN ISO/IEC 15408-2:2026 covers a broad spectrum of topics crucial to the evaluation of IT security, including:
- Security Functional Components: Structured sets of requirements that define specific security functionalities an IT product should deliver.
- Functional Class and Family Structures: Organization of security components into classes and families for clarity and systematic evaluation.
- Security Audit: Guidelines for recording, analyzing, and reviewing security-relevant events to support accountability and incident response.
- Cryptographic Support: Criteria for secure cryptographic key management, cryptographic operations, and random number generation.
- User Data Protection: Comprehensive requirements for access control, data authentication, information flow control, and information retention.
- Communication Security: Functional requirements for ensuring non-repudiation and secure data exchange.
- Component Catalogue: A detailed listing enabling developers and evaluators to select appropriate functional components based on system needs.
Applications
EN ISO/IEC 15408-2:2026 brings practical value to a range of stakeholders in the IT security sector:
- Security Evaluations: Used as a reference for third-party evaluation of IT products to ensure compliance with common security criteria.
- Product Development: Assists developers in designing and implementing security features in hardware, software, and integrated IT systems.
- Procurement: Enables organizations to specify security requirements for IT solutions during procurement, promoting robust cybersecurity across supply chains.
- Certification: Forms the functional basis for IT security certification schemes, giving assurance to customers and regulators.
- Regulatory Compliance: Supports alignment with regional and international regulations on data protection and cybersecurity by providing recognized evaluation metrics.
By adopting this standard, organizations enhance their ability to manage information risks, protect sensitive data, and ensure business continuity in the face of escalating cyber threats.
Related Standards
To provide a holistic approach to IT security evaluation and management, the following standards are closely related to EN ISO/IEC 15408-2:2026:
- EN ISO/IEC 15408-1:2026: Introduction and general model for IT security evaluation criteria.
- EN ISO/IEC 15408-3:2026: Security assurance components, complementing the functional catalogue with criteria for assessing the confidence in security functionality.
- ISO/IEC 27001 Series: Standards for information security management systems (ISMS).
- ISO/IEC 18045: Guidelines for the evaluation of IT security using ISO/IEC 15408.
- National and Regional Profiles: Localized profiles and protection profiles developed using the Common Criteria framework.
IT professionals, product developers, and organizations seeking to strengthen their cybersecurity posture are encouraged to integrate EN ISO/IEC 15408-2:2026 and its related standards into their security processes. This integration ensures recognized, effective, and demonstrable controls are in place, aligned with global best practices.
Get Certified
Connect with accredited certification bodies for this standard
BSI Group
BSI (British Standards Institution) is the business standards company that helps organizations make excellence a habit.
Bureau Veritas
Bureau Veritas is a world leader in laboratory testing, inspection and certification services.
DNV
DNV is an independent assurance and risk management provider.
Sponsored listings
Frequently Asked Questions
EN ISO/IEC 15408-2:2026 is a draft published by the European Committee for Standardization (CEN). Its full title is "Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 2: Security functional components (ISO/IEC 15408-2:2026)". This standard covers: This document specifies requirements for the required structure and content of security functional components for use during a security evaluation. It includes a catalogue of functional components that meet the common security functionality requirements of many IT products.
This document specifies requirements for the required structure and content of security functional components for use during a security evaluation. It includes a catalogue of functional components that meet the common security functionality requirements of many IT products.
EN ISO/IEC 15408-2:2026 is classified under the following ICS (International Classification for Standards) categories: 35.030 - IT Security. The ICS classification helps identify the subject area and facilitates finding related standards.
EN ISO/IEC 15408-2:2026 has the following relationships with other standards: It is inter standard links to ISO/IEC 15408-2:2026, EN ISO/IEC 15408-2:2023. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.
EN ISO/IEC 15408-2:2026 is available in PDF format for immediate download after purchase. The document can be added to your cart and obtained through the secure checkout process. Digital delivery ensures instant access to the complete standard document.
Standards Content (Sample)
SLOVENSKI STANDARD
oSIST prEN ISO/IEC 15408-2:2024
01-november-2024
Informacijska varnost, kibernetska varnost in varovanje zasebnosti - Merila za
vrednotenje varnosti IT - 2. del: Funkcionalne varnostne komponente (ISO/IEC DIS
15408-2:2024)
Information security, cybersecurity and privacy protection - Evaluation criteria for IT
security - Part 2: Security functional components (ISO/IEC DIS 15408-2:2024)
Informationssicherheit, Cybersicherheit und Schutz der Privatsphäre -
Evaluationskriterien für IT-Sicherheit - Teil 2: Sicherheitsfunktionskomponenten (ISO/IEC
DIS 15408-2:2024)
Sécurité de l'information, cybersécurité et protection de la vie privée - Critères
d'évaluation pour la sécurité des technologies de l'information - Partie 2: Composants
fonctionnels de sécurité (ISO/IEC DIS 15408-2:2024)
Ta slovenski standard je istoveten z: prEN ISO/IEC 15408-2
ICS:
35.030 Informacijska varnost IT Security
oSIST prEN ISO/IEC 15408-2:2024 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
oSIST prEN ISO/IEC 15408-2:2024
oSIST prEN ISO/IEC 15408-2:2024
DRAFT
International
Standard
ISO/IEC
DIS
15408-2
ISO/IEC JTC 1/SC 27
Information security, cybersecurity
Secretariat: DIN
and privacy protection —
Voting begins on:
Evaluation criteria for IT security —
2024-08-19
Part 2:
Voting terminates on:
2024-11-11
Security functional components
Sécurité de l'information, cybersécurité et protection de la vie
privée — Critères d'évaluation pour la sécurité des technologies
de l'information —
Partie 2: Composants fonctionnels de sécurité
ICS: 35.030
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENTS AND APPROVAL. IT
IS THEREFORE SUBJECT TO CHANGE
AND MAY NOT BE REFERRED TO AS AN
INTERNATIONAL STANDARD UNTIL
PUBLISHED AS SUCH.
This document is circulated as received from the committee secretariat.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
ISO/CEN PARALLEL PROCESSING
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS.
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION.
Reference number
© ISO/IEC 2024
ISO/IEC DIS 15408-2:2024(en)
oSIST prEN ISO/IEC 15408-2:2024
DRAFT
ISO/IEC DIS 15408-2:2024(en)
International
Standard
ISO/IEC
DIS
15408-2
ISO/IEC JTC 1/SC 27
Information security, cybersecurity
Secretariat: DIN
and privacy protection —
Voting begins on:
Evaluation criteria for IT security —
Part 2:
Voting terminates on:
Security functional components
Sécurité de l'information, cybersécurité et protection de la vie
privée — Critères d'évaluation pour la sécurité des technologies
de l'information —
Partie 2: Composants fonctionnels de sécurité
ICS: 35.030
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENTS AND APPROVAL. IT
IS THEREFORE SUBJECT TO CHANGE
AND MAY NOT BE REFERRED TO AS AN
INTERNATIONAL STANDARD UNTIL
PUBLISHED AS SUCH.
This document is circulated as received from the committee secretariat.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
© ISO/IEC 2024
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
STANDARDS MAY ON OCCASION HAVE TO
ISO/CEN PARALLEL PROCESSING
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
BE CONSIDERED IN THE LIGHT OF THEIR
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
or ISO’s member body in the country of the requester.
NATIONAL REGULATIONS.
ISO copyright office
RECIPIENTS OF THIS DRAFT ARE INVITED
CP 401 • Ch. de Blandonnet 8
TO SUBMIT, WITH THEIR COMMENTS,
CH-1214 Vernier, Geneva
NOTIFICATION OF ANY RELEVANT PATENT
Phone: +41 22 749 01 11
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION.
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
© ISO/IEC 2024
ISO/IEC DIS 15408-2:2024(en)
© ISO/IEC 2024 – All rights reserved
ii
oSIST prEN ISO/IEC 15408-2:2024
ISO/IEC DIS 15408-2:2024(en)
DIS ISO/IEC 15408-2(E)
Contents
Foreword . xxi
Legal notice . xxii
Introduction . xxiii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Overview . 4
5.1 General . 4
5.2 Organization of this document . 4
6 Functional requirements paradigm . 5
7 Security functional components . 9
7.1 Overview . 9
7.2 Functional class structure . 9
7.2.1 General . 9
7.2.2 Class name . 9
7.2.3 Class introduction . 9
7.2.4 Class informative notes . 9
7.2.5 Functional families . 10
7.3 Functional family structure . 10
7.3.1 General . 10
7.3.2 Family name . 10
7.3.3 Family behaviour. 10
7.3.4 Component levelling and description . 10
7.3.5 Component management . 11
7.3.6 Component audit . 11
7.3.7 Family application notes . 11
7.3.8 Family evaluator notes . 12
7.3.9 Functional components . 12
7.4 Functional component structure . 12
7.4.1 General . 12
7.4.2 Component name . 12
7.4.3 Component relationships . 12
7.4.4 Component rationale . 13
7.4.5 Functional elements . 13
7.5 Functional elements . 13
7.6 Component catalogue . 14
7.6.1 Highlighting of component changes . 15
8 Class FAU Security audit . 15
8.1 Introduction . 15
8.2 Notes on class FAU . 17
8.2.1 General information about audit requirements . 17
8.2.2 Audit requirements in a distributed environment . 17
8.3 Security audit automatic response (FAU_ARP) . 18
8.3.1 Family Behaviour . 18
8.3.2 Component levelling and description . 18
© ISO/IEC 2024 – All rights reserved
© ISO/IEC 2024 – All rights reserved
iii
iii
oSIST prEN ISO/IEC 15408-2:2024
ISO/IEC DIS 15408-2:2024(en)
DIS ISO/IEC 15408-2(E)
8.3.3 Management of FAU_ARP.1 . 18
8.3.4 Audit of FAU_ARP.1 . 18
8.3.5 Application notes. 18
8.3.6 FAU_ARP.1 Security alarms . 19
8.4 Security audit data generation (FAU_GEN) . 19
8.4.1 Family Behaviour . 19
8.4.2 Component levelling and description . 19
8.4.3 Management of FAU_GEN.1, FAU_GEN.2 . 19
8.4.4 Audit of FAU_GEN.1, FAU_GEN.2 . 19
8.4.5 Application notes. 20
8.4.6 Evaluator notes . 21
8.4.7 FAU_GEN.1 Audit data generation . 21
8.4.8 FAU_GEN.2 User identity association . 22
8.5 Security audit analysis (FAU_SAA) . 23
8.5.1 Family Behaviour . 23
8.5.2 Component levelling and description . 23
8.5.3 Management of FAU_SAA.1 . 23
8.5.4 Management of FAU_SAA.2 . 24
8.5.5 Management of FAU_SAA.3 . 24
8.5.6 Management of FAU_SAA.4 . 24
8.5.7 Audit of FAU_SAA.1, FAU_SAA.2, FAU_SAA.3, FAU_SAA.4 . 24
8.5.8 Application notes. 24
8.5.9 FAU_SAA.1 Potential violation analysis . 24
8.5.10 FAU_SAA.2 Profile based anomaly detection . 25
8.5.11 FAU_SAA.3 Simple attack heuristics . 26
8.5.12 FAU_SAA.4 Complex attack heuristics . 28
8.6 Security audit review (FAU_SAR) . 29
8.6.1 Family Behaviour . 29
8.6.2 Component levelling and description . 29
8.6.3 Management of FAU_SAR.1. 30
8.6.4 Management of FAU_SAR.2, FAU_SAR.3 . 30
8.6.5 Audit of FAU_SAR.1. 30
8.6.6 Audit of FAU_SAR.2. 30
8.6.7 Audit of FAU_SAR.3. 30
8.6.8 Application notes. 30
8.6.9 FAU_SAR.1 Audit review . 31
8.6.10 FAU_SAR.2 Restricted audit review . 31
8.6.11 FAU_SAR.3 Selectable audit review . 31
8.7 Security audit event selection (FAU_SEL) . 32
8.7.1 Family Behaviour . 32
8.7.2 Component levelling and description . 32
8.7.3 Management of FAU_SEL.1 . 32
8.7.4 Audit of FAU_SEL.1 . 32
8.7.5 Application notes. 32
8.7.6 FAU_SEL.1 Selective audit . 33
8.8 Security audit data storage (FAU_STG) . 33
8.8.1 Family Behaviour . 33
8.8.2 Component levelling and description . 34
8.8.3 Management of FAU_STG.1 . 34
8.8.4 Management of FAU_STG.2 . 34
8.8.5 Management of FAU_STG.3 . 34
8.8.6 Management of FAU_STG.4 . 34
8.8.7 Management of FAU_STG.5 . 35
© ISO/IEC 2024 – All rights reserved
iv
oSIST prEN ISO/IEC 15408-2:2024
ISO/IEC DIS 15408-2:2024(en)
DIS ISO/IEC 15408-2(E)
8.8.8 Audit of FAU_STG.1 . 35
8.8.9 Audit of FAU_STG.2, FAU_STG.3 . 35
8.8.10 Audit of FAU_STG.4 . 35
8.8.11 Audit of FAU_STG.5 . 35
8.8.12 Application notes. 35
8.8.13 FAU_STG.1 Audit data storage location . 35
8.8.14 FAU_STG.2 Protected audit data storage . 36
8.8.15 FAU_STG.3 Guarantees of audit data availability . 36
8.8.16 FAU_STG.4 Action in case of possible audit data loss . 37
8.8.17 FAU_STG.5 Prevention of audit data loss . 38
9 Class FCO Communication . 38
9.1 Introduction . 38
9.2 Notes on class FCO . 39
9.3 Non-repudiation of origin (FCO_NRO) . 39
9.3.1 Family Behaviour . 39
9.3.2 Component levelling and description . 39
9.3.3 Management of FCO_NRO.1, FCO_NRO.2 . 40
9.3.4 Audit of FCO_NRO.1 . 40
9.3.5 Audit of FCO_NRO.2 . 40
9.3.6 Application notes. 40
9.3.7 FCO_NRO.1 Selective proof of origin . 41
9.3.8 FCO_NRO.2 Enforced proof of origin . 42
9.4 Non-repudiation of receipt (FCO_NRR) . 43
9.4.1 Family Behaviour . 43
9.4.2 Component levelling and description . 43
9.4.3 Management of FCO_NRR.1, FCO_NRR.2 . 43
9.4.4 Audit of FCO_NRR.1 . 43
9.4.5 Audit of FCO_NRR.2 . 43
9.4.6 Application notes. 44
9.4.7 FCO_NRR.1 Selective proof of receipt . 44
9.4.8 FCO_NRR.2 Enforced proof of receipt . 45
10 Class FCS Cryptographic support . 46
10.1 Introduction . 46
10.2 Notes on class FCS. 48
10.3 Cryptographic key management (FCS_CKM) . 49
10.3.1 Family Behaviour . 49
10.3.2 Component levelling and description . 50
10.3.3 Management of FCS_CKM.1, FCS_CKM.2, FCS_CKM.3, FCS_CKM.5, FCS_CKM.6 . 50
10.3.4 Audit of FCS_CKM.1, FCS_CKM.2, FCS_CKM.3, FCS_CKM.5, FCS_CKM.6 . 50
10.3.5 Application notes. 51
10.3.6 Evaluator notes . 51
10.3.7 FCS_CKM.1 Cryptographic key generation . 52
10.3.8 FCS_CKM.2 Cryptographic key distribution . 52
10.3.9 FCS_CKM.3 Cryptographic key access . 53
10.3.10 FCS_CKM.5 Cryptographic key derivation . 53
10.3.11 FCS_CKM.6 Timing and event of cryptographic key destruction . 54
10.4 Cryptographic operation (FCS_COP) . 55
10.4.1 Family Behaviour . 55
10.4.2 Component levelling and description . 55
10.4.3 Management of FCS_COP.1 . 56
10.4.4 Audit of FCS_COP.1 . 56
10.4.5 Application notes. 56
© ISO/IEC 2024 – All rights reserved
v
v
oSIST prEN ISO/IEC 15408-2:2024
ISO/IEC DIS 15408-2:2024(en)
DIS ISO/IEC 15408-2(E)
10.4.6 FCS_COP.1 Cryptographic operation . 57
10.5 Random bit generation (FCS_RBG) . 58
10.5.1 Family Behaviour . 58
10.5.2 Component levelling and description . 58
10.5.3 Management of FCS_RBG.1, FCS_RBG.2, FCS_RBG.3, FCS_RBG.4, FCS_RBG.5,
FCS_RBG.6 . 58
10.5.4 Audit of FCS_RBG.1, FCS_RBG.2 . 59
10.5.5 Audit of FCS_RBG.3, FCS_RBG.4, FCS_RBG.5, FCS_RBG.6 . 59
10.5.6 Application notes. 59
10.5.7 FCS_RBG.1 Random bit generation (RBG). 59
10.5.8 FCS_RBG.2 Random bit generation (external seeding) . 60
10.5.9 FCS_RBG.3 Random bit generation (internal seeding - single source) . 61
10.5.10 FCS_RBG.4 Random bit generation (internal seeding - multiple sources) . 62
10.5.11 FCS_RBG.5 Random bit generation (combining entropy sources) . 62
10.5.12 FCS_RBG.6 Random bit generation service . 63
10.6 Generation of random numbers (FCS_RNG) . 63
10.6.1 Family Behaviour . 63
10.6.2 Component levelling and description . 63
10.6.3 Management of FCS_RNG.1 . 63
10.6.4 Audit of FCS_RNG.1 . 63
10.6.5 Application notes. 64
10.6.6 FCS_RNG.1 Random number generation . 64
11 Class FDP User data protection. 66
11.1 Introduction . 66
11.2 Notes on class FDP . 69
11.3 Access control policy (FDP_ACC) . 72
11.3.1 Family Behaviour . 72
11.3.2 Component levelling and description . 72
11.3.3 Management of FDP_ACC.1, FDP_ACC.2 . 72
11.3.4 Audit of FDP_ACC.1, FDP_ACC.2 . 72
11.3.5 Application notes. 72
11.3.6 FDP_ACC.1 Subset access control . 73
11.3.7 FDP_ACC.2 Complete access control . 74
11.4 Access control functions (FDP_ACF) . 74
11.4.1 Family Behaviour . 74
11.4.2 Component levelling and description . 74
11.4.3 Management of FDP_ACF.1 . 74
11.4.4 Audit of FDP_ACF.1 . 75
11.4.5 Application notes. 75
11.4.6 FDP_ACF.1 Security attribute-based access control . 75
11.5 Data authentication (FDP_DAU) . 77
11.5.1 Family Behaviour . 77
11.5.2 Component levelling and description . 77
11.5.3 Management of FDP_DAU.1, FDP_DAU.2 . 77
11.5.4 Audit of FDP_DAU.1 . 77
11.5.5 Audit of FDP_DAU.2 . 77
11.5.6 Application notes. 78
11.5.7 FDP_DAU.1 Basic Data Authentication . 78
11.5.8 FDP_DAU.2 Data Authentication with Identity of Guarantor . 78
11.6 Export from the TOE (FDP_ETC) . 79
11.6.1 Family Behaviour . 79
11.6.2 Component levelling and description . 79
11.6.3 Management of FDP_ETC.1 . 79
© ISO/IEC 2024 – All rights reserved
vi
vi
oSIST prEN ISO/IEC 15408-2:2024
ISO/IEC DIS 15408-2:2024(en)
DIS ISO/IEC 15408-2(E)
11.6.4 Management of FDP_ETC.2 . 79
11.6.5 Audit of FDP_ETC.1, FDP_ETC.2. 80
11.6.6 Application notes. 80
11.6.7 FDP_ETC.1 Export of user data without security attributes . 80
11.6.8 FDP_ETC.2 Export of user data with security attributes . 80
11.7 Information flow control policy (FDP_IFC) . 81
11.7.1 Family Behaviour . 81
11.7.2 Component levelling and description . 82
11.7.3 Management of FDP_IFC.1, FDP_IFC.2 . 82
11.7.4 Audit of FDP_IFC.1, FDP_IFC.2 . 82
11.7.5 Application notes. 82
11.7.6 FDP_IFC.1 Subset information flow control . 83
11.7.7 FDP_IFC.2 Complete information flow control . 84
11.8 Information flow control functions (FDP_IFF) . 84
11.8.1 Family Behaviour . 84
11.8.2 Component levelling and description . 85
11.8.3 Management of FDP_IFF.1, FDP_IFF.2. 85
11.8.4 Management of FDP_IFF.3, FDP_IFF.4, FDP_IFF.5 . 85
11.8.5 Management of FDP_IFF.6 . 85
11.8.6 Audit of FDP_IFF.1, FDP_IFF.2, FDP_IFF.5 . 86
11.8.7 Audit of FDP_IFF.3, FDP_IFF.4, FDP_IFF.6 . 86
11.8.8 Application notes. 86
11.8.9 FDP_IFF.1 Simple security attributes . 87
11.8.10 FDP_IFF.2 Hierarchical security attributes . 88
11.8.11 FDP_IFF.3 Limited illicit information flows . 90
11.8.12 FDP_IFF.4 Partial elimination of illicit information flows . 90
11.8.13 FDP_IFF.5 No illicit information flows . 91
11.8.14 FDP_IFF.6 Illicit information flow monitoring . 91
11.9 Information retention control (FDP_IRC) . 92
11.9.1 Family Behaviour . 92
11.9.2 Component levelling and description . 93
11.9.3 Management of FDP_IRC.1 . 93
11.9.4 Audit of FDP_IRC.1 . 93
11.9.5 Application notes. 93
11.9.6 FDP_IRC.1 Information retention control . 93
11.10 Import from outside of the TOE (FDP_ITC) . 94
11.10.1 Family Behaviour . 94
11.10.2 Component levelling and description . 94
11.10.3 Management of FDP_ITC.1, FDP_ITC.2 . 95
11.10.4 Audit of FDP_ITC.1, FDP_ITC.2 . 95
11.10.5 Application notes . 95
11.10.6 FDP_ITC.1 Import of user data without security attributes . 96
11.10.7 FDP_ITC.2 Import of user data with security attributes . 97
11.11 Internal TOE transfer (FDP_ITT) . 97
11.11.1 Family Behaviour . 97
11.11.2 Component levelling and description . 98
11.11.3 Management of FDP_ITT.1, FDP_ITT.2 . 98
11.11.4 Management of FDP_ITT.3, FDP_ITT.4 . 98
11.11.5 Audit of FDP_ITT.1, FDP_ITT.2 . 98
11.11.6 Audit of FDP_ITT.3, FDP_ITT.4 . 98
11.11.7 Application notes . 99
11.11.8 FDP_ITT.1 Basic internal transfer protection . 99
11.11.9 FDP_ITT.2 Transmission separation by attribute . 99
© ISO/IEC 2024 – All rights reserved
vii
oSIST prEN ISO/IEC 15408-2:2024
ISO/IEC DIS 15408-2:2024(en)
DIS ISO/IEC 15408-2(E)
11.11.10 FDP_ITT.3 Integrity monitoring .100
11.11.11 FDP_ITT.4 Attribute-based integrity monitoring .101
11.12 Residual information protection (FDP_RIP) .102
11.12.1 Family Behaviour .102
11.12.2 Component levelling and description .102
11.12.3 Management of FDP_RIP.1, FDP_RIP.2 .102
11.12.4 Audit of FDP_RIP.1, FDP_RIP.2 .103
11.12.5 Application notes .103
11.12.6 FDP_RIP.1 Subset residual information protection .104
11.12.7 FDP_RIP.2 Full residual information protection .104
11.13 Rollback (FDP_ROL).105
11.13.1 Family Behaviour .105
11.13.2 Component levelling and description .105
11.13.3 Management of FDP_ROL.1, FDP_ROL.2 .105
11.13.4 Audit of FDP_ROL.1, FDP_ROL.2 .105
11.13.5 Application notes .105
11.13.6 FDP_ROL.1 Basic rollback .106
11.13.7 FDP_ROL.2 Advanced rollback .106
11.14 Stored data confidentiality (FDP_SDC) .107
11.14.1 Family Behaviour .107
11.14.2 Component levelling and description .107
11.14.3 Management of FDP_SDC.1, FDP_SDC.2 .
...