CSPP - Guidance for COTS Security Protection Profiles (Formerly: CS2 - Protection Profile Guidance for Near-Term COTS) Version 1.0

CSPP provides the guidance necessary to develop compliant Common Criteria protection profiles for near-term, achievable, security baselines using commercial off-the-shelf (COTS) information technology. CSPP accomplishes this purpose by:--describing a largely policy-neutral, notional information system in the format of a protection profile (PP); --specifying a subset of the common criteria to be used in developing compliant protection profiles; --providing the basis for refining----policy-neutral guidance into specific policy requirements; and --system security threats, objectives, and requirements into a subset which is appropriate for a specific PP. CSPP provides the requirements necessary to specify needs for both stand-alone and distributed, multi-user information systems. This covers general-purpose operating systems, database management systems, and other applications.