TOE Security Policy (TSP)

March 5, 2023

What Is TOE Security Policy (TSP)?

 


Definition:

Set of rules that regulate how assets are managed, protected, and distributed within the TOE.
SOURCE: CNSSI-4009

Overview of the TOE

The target of evaluation (TOE) is the configuration of MarkLogic Server that is certified by the Common Criteria (CC) evaluation process. It is the proper setup of the environment in which an evaluated configuration of MarkLogic Server can run. Understanding the CC evaluation process is difficult: it requires reviewing multiple documents and cross-referencing massive volumes of concepts and definitions. The first challenge is understanding the acronyms, which are summarized below:

  • TOE: Target of Evaluation — An IT product or system and its associated administrator and user guidance documentation that is the subject of an evaluation.
  • TSP: TOE Security Policy — A set of rules that regulate how assets are managed, protected and distributed within a TOE.
  • TSF: TOE Security Functions — A set consisting of all hardware, software, and firmware of the TOE that must be relied upon for the correct enforcement of the TSP.
  • PP: Protection Profile — An implementation-independent set of security requirements for a category of TOEs that meet specific consumer needs.
  • ST: Security Target — The set of security requirements and specifications used as the basis for evaluation of an identified TOE.
  • EAL: Evaluation Assurance Level — A package consisting of assurance components from Part 3 that represents a point on the CC predefined assurance scale.
A Good Starting Point: Begin with a cyber risk assessment to baseline foundational cybersecurity.