Content for TR 33.805 Word version: 12.0.0
A Application of the methodologies
B Common criteria overview
C Self-evaluation and Self-evaluation with Third-party Certification Analysis
D Threat modelling frameworks
E Vendor network product development and network product lifecycle management process assurance requirements
$ Change history
A Application of the methodologies p. 77
A.1 Application of Methodology 1 p. 77
A.2 Application of Methodology 2 p. 77
A.2.1 Basic Vulnerability Testing: examples of test cases p. 77
A.2.2 Security compliance testing: example of security requirements with test cases p. 79
A.2.2.1 Network Product Remote Management p. 79
A.2.2.2 Network Product Local Management p. 80
A.2.2.3 Password Management p. 81
A.2.2.4 Software p. 83
A.2.2.5 System Secure Execution Environment p. 85
A.2.2.6 Network Services p. 87
A.2.2.7 3GPP Capability Configuration p. 88
A.2.2.8 Network Product Access Control p. 89
A.2.2.9 User Audit of Network Product p. 89
B Common criteria overview p. 91
B.1 Target audience of the CC p. 91
B.2 CC and the ISO/IEC p. 92
B.3 Common Criteria (Technical) Process overview p. 93
C Self-evaluation and Self-evaluation with Third-party Certification Analysis p. 94
D Threat modelling frameworks p. 96
D.1 ITU-T X.805 p. 96
D.1.1 Overview p. 96
D.1.2 Security layers and security planes p. 97
D.1.2.1 Security layers p. 98
D.1.2.2 Security planes p. 99
D.1.2.3 Combination of layers and planes p. 100
D.1.3 Complete picture and conclusions for this approach p. 101
D.2 Threats classifications by looking at the sources of attacks p. 102
D.2.1 Overview p. 102
E Vendor network product development and network product lifecycle management process assurance requirements p. 104
E.1 Example of requirements from CPA Build Standard p. 104
E.2 Mapping of the example requirements to Vendor NP Development and NP lifecycle management Assurance blocks p. 105
$ Change history p. 106
