Common Criteria (CC) | Common Criteria for Information Technology Security
Evaluation. |
Package (Package) | A named set of security requirements. A package is either a functional
package containing only SFRs, or an assurance package containing only SARs. Packages
can be used in the construction of larger packages, PPs, and STs. |
Protection Profile (PP) | An implementation-independent set of security requirements for a category
of products. |
Protection Profile Module (PP-Module) | An extension of the security requirements in a
Protection Profile which introduces new elements to the base PP
and may also refine or interpret some of the elements in the base PP. |
Security Target (ST) | A set of implementation-dependent security requirements for a specific
product. |
Target of Evaluation (TOE) |
The product under evaluation. |
TOE Security Functionality (TSF) | The security functionality of the product under evaluation. |
TOE Summary Specification (TSS) | A description of how a TOE satisfies the SFRs in a ST. |
Security Functional Requirement (SFR) | A requirement for security enforcement by the TOE. |
FCS_CKM.2 | To support TLS ciphersuites that use RSA, DHE or ECDHE for key exchange, the PP or PP-Module must
include FCS_CKM.2 and specify the corresponding algorithm. |
FCS_COP.1 | To support TLS ciphersuites that use AES for encryption/decryption, the PP or PP-module
must include FCS_COP.1 (iterating as needed) and specify AES with corresponding key sizes and modes. To
support TLS ciphersuites that use SHA for hashing, the PP or PP-Module must include FCS_COP.1
(iterating as needed) and specify SHA with corresponding digest sizes. |
FCS_RBG_EXT.1 | To support random bit generation needed for the TLS handshake,
the PP or PP-Module must include FCS_RBG_EXT.1. |
FIA_X509_EXT.1 |
To support validation of certificates needed during TLS connection setup,
the PP or PP-Module must include FIA_X509_EXT.1. |
FIA_X509_EXT.2 | To support the use of X509 certificates for authentication in TLS connection setup,
the PP or PP-Module must include FIA_X509_EXT.2. |
AES | Advanced Encryption Standard |
CA | Certificate Authority |
CBC | Cipher Block Chaining |
CN | Common Name |
DHE | Diffie-Hellman Ephemeral |
DN | Distinguished Name |
DNS | Domain Name Server |
DTLS | Datagram Transport Layer Security |
EAP | Extensible Authentication Protocol |
ECDHE | Elliptic Curve Diffie-Hellman Ephemeral |
ECDSA | Elliptic Curve Digital Signature Algorithm |
GCM | Galois/Counter Mode |
HTTP | Hypertext Transfer Protocol |
IETF | Internet Engineering Task Force |
IP | Internet Protocol |
LDAP | Lightweight Directory Access Protocol |
NIST | National Institute of Standards and Technology |
RFC | Request for Comment (IETF) |
RSA | Rivest Shamir Adelman |
SAN | Subject Alternative Name |
SCSV | Signaling Cipher Suite Value |
SHA | Secure Hash Algorithm |
SIP | Session Initiation Protocol |
TCP | Transmission Control Protocol |
TLS | Transport Layer Security |
UDP | User Datagram Protocol |
URI | Uniform Resource Identifier |
URL | Uniform Resource Locator |