ISO/IEC TS 19608:2018
Guidance for developing security and privacy functional requirements based on ISO/IEC 15408
This document provides guidance for:
— selecting and specifying security functional requirements (SFRs) from ISO/IEC 15408-2 to protect Personally Identifiable Information (PII);
— the procedure to define both privacy and security functional requirements in a coordinated manner; and
— developing privacy functional requirements as extended components based on the privacy principles defined in ISO/IEC 29100 through the paradigm described in ISO/IEC 15408-2.
The intended audience for this document are:
— developers who implement products or systems that deal with PII and want to undergo a security evaluation of those products using ISO/IEC 15408. They will get guidance how to select security functional requirements for the Security Target of their product or system that map to the privacy principles defined in ISO/IEC 29100;
— authors of Protection Profiles that address the protection of PII; and
— evaluators that use ISO/IEC 15408 and ISO/IEC 18045 for a security evaluation.
This document is intended to be fully consistent with ISO/IEC 15408; however, in the event of any inconsistency between this document and ISO/IEC 15408, the latter, as a normative standard, takes precedence.
| Get this standard | Prices exclude GST | |
|---|---|---|
| PDF ( Single user document) |
$322.61 NZD
|
|
| HardCopy |
$362.61 NZD
|
|
| Networkable PDF |
Price varies
|
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Purpose and structure of this document
6 Requirement definition
6.1 General
6.2 Security functional requirements (SFRs)
6.2.1 General
6.2.2 Example of security functional requirements
6.2.3 The selection, assignment, refinement and iteration operations
6.2.4 Dependencies between components
6.2.5 Structure of security functional components
6.2.6 List of classes
6.3 Procedure to specify security functional requirements
6.4 Procedure to develop functional components
6.4.1 Procedure
6.4.2 Existing components for privacy requirements in ISO/IEC 15408-2
6.4.3 Extended components for privacy requirements in published PP/STs and research papers
7 Privacy principles
7.1 General
7.2 Input for extended components
7.3 Procedure to develop privacy requirements from privacy principles
7.4 Extended components for privacy
7.4.1 “Consent and choice” principle
7.4.2 "Purpose legitimacy and specification" principle
7.4.3 "Collection limitation" principle: Collecting PII
7.4.4 "Data minimization" and "Use, retention and disclosure limitation" principles
7.4.5 "Openness, transparency and notice" principle
7.4.6 "Individual participation and access" principle
7.4.7 "Accuracy and quality" principle
7.4.8 "Accountability" and "Privacy compliance" principles
7.4.9 "Information Security" principle
8 Summary of extended components and related privacy principles
8.1 General
8.2 Extended components - general definition
8.2.1 General
8.2.2 "Consent and choice" principle
8.2.3 "Data minimization" and "Use, retention and disclosure limitation" principles
8.2.4 "Openness, transparency and notice" principle
8.2.5 "Individual participation and access" principle: Challenging the accuracy and completeness of PII
8.2.6 "Accuracy and quality" principle: Updating PII periodically
Annex A (informative) Existing components used for privacy requirements
Annex B (informative) Extended components for privacy in existing Protection Profiles
Annex C (normative) Example of extended components for privacy
Bibliography
Keep me up-to-date
Register to receive notifications when updates are made to this standard.
Related Information
Similar Standards
-
AS/NZS ISO/IEC 27001:2023
Information security, cybersecurity and privacy protection – Information security management systems – Requirements
-
AS/NZS ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls
-
AS/NZS ISO/IEC 27551:2024
Information security, cybersecurity and privacy protection – Requirements for attribute-based unlinkable entity authentication
-
BS 10754-1:2018
Information technology. Systems trustworthiness, Governance and management specification
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Purpose and structure of this document
6 Requirement definition
6.1 General
6.2 Security functional requirements (SFRs)
6.2.1 General
6.2.2 Example of security functional requirements
6.2.3 The selection, assignment, refinement and iteration operations
6.2.4 Dependencies between components
6.2.5 Structure of security functional components
6.2.6 List of classes
6.3 Procedure to specify security functional requirements
6.4 Procedure to develop functional components
6.4.1 Procedure
6.4.2 Existing components for privacy requirements in ISO/IEC 15408-2
6.4.3 Extended components for privacy requirements in published PP/STs and research papers
7 Privacy principles
7.1 General
7.2 Input for extended components
7.3 Procedure to develop privacy requirements from privacy principles
7.4 Extended components for privacy
7.4.1 “Consent and choice” principle
7.4.2 "Purpose legitimacy and specification" principle
7.4.3 "Collection limitation" principle: Collecting PII
7.4.4 "Data minimization" and "Use, retention and disclosure limitation" principles
7.4.5 "Openness, transparency and notice" principle
7.4.6 "Individual participation and access" principle
7.4.7 "Accuracy and quality" principle
7.4.8 "Accountability" and "Privacy compliance" principles
7.4.9 "Information Security" principle
8 Summary of extended components and related privacy principles
8.1 General
8.2 Extended components - general definition
8.2.1 General
8.2.2 "Consent and choice" principle
8.2.3 "Data minimization" and "Use, retention and disclosure limitation" principles
8.2.4 "Openness, transparency and notice" principle
8.2.5 "Individual participation and access" principle: Challenging the accuracy and completeness of PII
8.2.6 "Accuracy and quality" principle: Updating PII periodically
Annex A (informative) Existing components used for privacy requirements
Annex B (informative) Extended components for privacy in existing Protection Profiles
Annex C (normative) Example of extended components for privacy
Bibliography