ATIS Telecom Glossary
Wednesday, July 30, 2014

A B C D E F G H I
J K L M N O P Q R
S T U V W X Y Z  
Go
 
Glossary Home
Foreword
Introduction
Normative References
Using the ATIS Telecom Glossary
Annex A: Informative References
 
 
 
<< Back
certification

1. [The] comprehensive evaluation of the technical and nontechnical security features of an IS [information system] and other safeguards, made as a part of and in support of the accreditation process, to establish the extent to which a particular design and implementation meets a set of specified security requirements. [INFOSEC-99]   2. The issue by the UK Certification Body of a formal statement, based on a review of the conduct and results of an evaluation, of the extent to which; a. technical security measures meet the Security Requirement for a system, or b. security claims are upheld by a product. Note: A System Electronic Information Security policy is required as the basis for certification of a system. See also: Accreditation, Confidence, Information Technology Security Evaluation and Certification Scheme [CESG].  3. The issue of a formal statement confirming the results of an evaluation, and that the evaluation criteria used were correctly applied [ITSEC].  4. The technical evaluation of a system's security features, made as part of and in support of the approval/accreditation process, that establishes the extent to which a particular computer system's design and implementations meet a set of specified security requirements [TCSEC].

 

 

 

 

 

 

 

 

 

 



 
These definitions were prepared by ATIS Committee PRQC
 
For more information on the work related to these definitions,
please visit the ATIS website and the ATIS Document Center