Its obvious that a physical device (Bank ATM) will have different security needs compared to an email client (Outlook).  Therefore, the CommonCriteria defines a method to compose these differing security targets.

A physical device might need - TamperResistant, WipeSecurityKeyOnTamperDetection, NetworkEncryption.

A single player computer game needs very little security - EncryptPlayerSavegames, InstallationKeyAuthorisation.

The SecurityTarget is usually composed as a description of what needs to be done to protect the TargetOfEvaluation against ThreadAgents.

----

CategorySecurity