Modeling and Analysis of CC-Based Security Assurance for Composed Systems

The Common Criteria (CC) has been focused on single product that is consisted of one software component. Evaluation modeling of composed product, which is consisted of two or more evaluated or unevaluated component, is needed. In this paper, we survey and classify evaluation criteria for information...

Full description

Saved in:
Bibliographic Details
Main Authors: Kab-seung Kou, Gang-soo Lee
Format: Conference Proceeding
Language:English
Subjects:
Accreditation
Capability maturity model
Certification
Engineering management
IEC standards
Information management
Information security
ISO standards
National security
Software engineering
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The Common Criteria (CC) has been focused on single product that is consisted of one software component. Evaluation modeling of composed product, which is consisted of two or more evaluated or unevaluated component, is needed. In this paper, we survey and classify evaluation criteria for information security system and product in context of CC evaluation scheme. We define 5 types of assurance, and propose composition models. Conventional criteria for composed product are surveyed and analyzed.
ISSN:2153-1447
DOI:10.1109/FGCN.2008.173