标准摘要
[中文适用范围]: 本国际标准规定了测试实验室用于测试密码模块是否符合 ISO/IEC 19790:2006 规定的要求的方法。 这些方法的开发是为了在测试过程中提供高度的客观性,并确保测试实验室之间的一致性。 该国际标准还规定了供应商向测试实验室提供的信息的要求,作为证明其密码模块符合 ISO/IEC 19790:2006 中规定的要求的支持证据。 供应商可以使用该国际标准作为指导,在向测试实验室申请测试之前尝试验证其密码模块是否满足 ISO/IEC 19790 中规定的要求。 [外文原描述]: ISO/IEC 24759:2008 specifies the methods to be used by testing laboratories to test whether a cryptographic module conforms to the requirements specified in ISO/IEC 19790:2006. The methods are developed to provide a high degree of objectivity during the testing process and to ensure consistency across the testing laboratories. Within each subclause of the security requirements clause of ISO/IEC 24759:2008, the corresponding security requirements from ISO/IEC 19790:2006 are divided into a set of assertions (i.e. statements that have to be true for the module to satisfy the requirement of a given area at a given level). All of the assertions are direct quotations from ISO/IEC 19790:2006. Following each assertion is a set of requirements levied on the vendor. These specify the types of documentation or explicit information that the vendor is required to provide in order for the tester to verify conformance to the given assertion. Also following each assertion and the requirements levied on the vendor is a set of requirements levied on the tester of the cryptographic module. These specify what the tester needs to do in order to test the cryptographic module with respect to the given assertion. Vendors can use ISO/IEC 24759:2008 as guidance in trying to verify whether their cryptographic modules satisfy the requirements specified in ISO/IEC 19790:2006 before they apply to the testing laboratory for testing.
英文名称Information technology - Security techniques - Test requirements for cryptographic modules