a formal specification of security requirements for a commercial system
a "group" in windows terms of features that does one logical thing, for example a "strict firewall" which contains several features or characteristics that constitute that definition, like stateful inspection, dropping unsolicited packets etc
an implementation independent statement of security requirements that is shown to address threats that exist in a specified environment
a useful way to compare security claims for similar products such as operating systems, firewalls, and smart cards
an implementation-independent set of security functional and assurance requirements for a category of IT products that meet specific consumer needs.
Protection Profile (PP) is a complete definition of the generic, implementation-independent, security requirements needed to address a specified set of security threats.
A Protection Profile (PP) is a document used as part of the evaluation process for the Common Criteria (CC). It is typically created by a user or user community which is an implementation independent specification of information assurance security requirements. A PP is a complete combination of security objectives, security related functional requirements, information assurance requirements, assumptions, and rationale.
