Advanced Security Assurance Case Based on ISO/IEC 15408

Cited by: 30
Authors
Potii, Oleksandr [1]
Illiashenko, Oleg [2]
Komin, Dmitry [3]
Affiliations
[1] JSC Inst Informat Technol, Dept Informat Secur, UA-61023 Kharkov, Ukraine
[2] Natl Aerosp Univ, Dept Comp Syst & Networks 503, UA-61070 Kharkov, Ukraine
[3] Kharkov Kozhedub Air Force Univ, Air Force Sci Ctr, UA-61023 Kharkov, Ukraine
Keywords
information security; security assurance; advance security assurance case; ASAC; DRAKON;
DOI
10.1007/978-3-319-19216-1_37
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Assessment and assurance of conformity with regulation documents assumes significant cost in modern economies. Demonstration of compliance with security standards involves providing evidence that the standards' security criteria are met in full, substantiating the appropriate decision. Nevertheless, despite its importance, this type of activity has not been addressed adequately by the available solutions, and the tool support given to conformity assessment and assurance processes is rather poor. International standards do not contain any formal technique for security evaluation, which makes performing the evaluation process complicated and one-sided. In the article, an approach to security assurance evaluation, the Advanced Security Assurance Case (ASAC), is proposed, based on a refined definition of the existing assurance case structure.
Pages: 391 - 401
Number of pages: 11
Related papers
50 in total
  • [1] A security requirement management database based on ISO/IEC 15408
    Morimoto, S
    Horie, D
    Cheng, JD
    [J]. COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2006, PT 3, 2006, 3982 : 1 - 10
  • [2] Development of Supporting Environment for IT System Security Evaluation Based on ISO/IEC 15408 and ISO/IEC 18045
    Bao, Da
    Sun, Wen
    Goto, Yuichi
    Cheng, Jingde
    [J]. 2018 IEEE SMARTWORLD, UBIQUITOUS INTELLIGENCE & COMPUTING, ADVANCED & TRUSTED COMPUTING, SCALABLE COMPUTING & COMMUNICATIONS, CLOUD & BIG DATA COMPUTING, INTERNET OF PEOPLE AND SMART CITY INNOVATION (SMARTWORLD/SCALCOM/UIC/ATC/CBDCOM/IOP/SCI), 2018, : 204 - 209
  • [3] A Supporting Tool for IT System Security Specification Evaluation Based on ISO/IEC 15408 and ISO/IEC 18045
    Bao, Da
    Goto, Yuichi
    Cheng, Jingde
    [J]. TRENDS AND APPLICATIONS IN KNOWLEDGE DISCOVERY AND DATA MINING: PAKDD 2019 WORKSHOPS, 2019, 11607 : 3 - 14
  • [4] GEST: A Generator of ISO/IEC 15408 Security Target Templates
    Horie, Daisuke
    Yajima, Kenichi
    Azimah, Noor
    Goto, Yuichi
    Cheng, Jingde
    [J]. COMPUTER AND INFORMATION SCIENCE 2009, 2009, 208 : 149 - 158
  • [5] Supporting Verification and Validation of Security Targets with ISO/IEC 15408
    Bao, Da
    Miura, Junichi
    Zhang, Ning
    Goto, Yuichi
    Cheng, Jingde
    [J]. PROCEEDINGS 2013 INTERNATIONAL CONFERENCE ON MECHATRONIC SCIENCES, ELECTRIC ENGINEERING AND COMPUTER (MEC), 2013, : 2621 - 2628
  • [6] Evaluating the security levels of the Web-Portals based on the standard ISO/IEC 15408
    Hoang Dang Hai
    Pham Thieu Nga
    [J]. PROCEEDINGS OF THE NINTH INTERNATIONAL SYMPOSIUM ON INFORMATION AND COMMUNICATION TECHNOLOGY (SOICT 2018), 2018, : 463 - 469
  • [7] Analysis the priority of security requirement items for the process improvement by ISO/IEC 15504 and ISO/IEC 15408
    Lee, Eun-Ser
    Kim, Haeng-Kon
    Hwang, Sun-Myoung
    [J]. SERA 2007: 5TH ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH, MANAGEMENT, AND APPLICATIONS, PROCEEDINGS, 2007, : 25 - +
  • [8] A web user interface of the security requirement management database based on ISO/IEC 15408
    Horie, Daisuke
    Morimoto, Shoichi
    Cheng, Jingde
    [J]. COMPUTATIONAL SCIENCE - ICCS 2006, PT 4, PROCEEDINGS, 2006, 3994 : 797 - 804
  • [9] Evaluation model for computer security software products based on ISO/IEC 15408 Common Criteria
    Alejandro Chamorro, Jose
    Pino, Francisco
    [J]. SISTEMAS & TELEMATICA, 2011, 9 (19): : 69 - 92
  • [10] Security design of remote maintenance system for nuclear power plants based on ISO/IEC 15408
    Watabe, Ryosuke
    Oi, Tadashi
    Endo, Yoshio
    [J]. PROCEEDINGS OF SICE ANNUAL CONFERENCE, VOLS 1-8, 2007, : 1695 - 1699