COMMON-CRITERIA-EAL
International IT product security evaluation.
Definition
EAL4+ is the standard level for secure OS and commercial HSMs. EAL5+ and EAL6+ for smartcards (bank cards, eID). EAL7 reserved for defence/nuclear. CCRA (Common Criteria Recognition Arrangement) framework recognised by 30+ countries. ANSSI for France via CSPN.
Origin
Common Criteria v1.0 published 1996 ; ISO/IEC 15408 published 1999 ; v3.1 R5 current (April 2017).
Example in context
A Mastercard bank card achieves EAL5+ for its secure element, guaranteeing chip & PIN transaction security.
Related terms
- FIPS 140-3 — US standard.