Formal Security Policy Model for a Common Criteria evaluation

被引：1

作者：

Park, Junkil ^{[1
]}

Choi, Jin-Young ^{[1
]}

机构：

[1] Korea Univ, Theory & Formal Methods Lab, Seoul, South Korea

来源：

9TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY: TOWARD NETWORK INNOVATION BEYOND EVOLUTION, VOLS 1-3 | 2007年

关键词：

D O I：

10.1109/ICACT.2007.358355

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

The Common Criteria(CC) is an international standard for evaluating secure computer systems. The CC defines seven distinct Evaluation Assurance Levels (EALs). The three highest EALs, the so-called high-assurance levels, require some degree of formalism in development. The Security Policy Model (SPM) is one of the documents required in formalism in high-assurance levels. It is difficult to develop the formal SPM because the CC doesn't specify how to make the document and industries have rarely published it. This paper shows a guideline for the development formal SPM and provides an example of formal SPM using Z, and proves consistency and completeness of the SPM.

引用

页码：277 / +

页数：2

共 50 条

[1] Analyse of the security architecture and policy model in the Common Criteria
Shi H.
Gao J.
Jia W.
Liu H.
[J]. Qinghua Daxue Xuebao/Journal of Tsinghua University, 2016, 56 (05): : 493 - 498
[2] Formal Verification of Security Specifications with Common Criteria
Morimoto, Shoichi
Shigematsu, Shinjiro
Goto, Yuichi
Cheng, Jingde
[J]. APPLIED COMPUTING 2007, VOL 1 AND 2, 2007, : 1506 - +
[3] Formal specification of common criteria based access control policy model
Singh, Manpreet
Patterh, Manjeet S.
[J]. International Journal of Network Security, 2010, 11 (03) : 139 - 148
[4] A NETWORK SECURITY EVALUATION MODEL BASED ON COMMON CRITERIA
Wu, Xiao-Hua
Li, Jian-Pin
Yao, Wang
[J]. 2008 INTERNATIONAL CONFERENCE ON APPERCEIVING COMPUTING AND INTELLIGENCE ANALYSIS (ICACIA 2008), 2008, : 416 - 420
[5] A formal model of Healthcare Security Policy
Cohen, B
[J]. TOWARD AN ELECTRONIC PATIENT RECORD '97 - CONFERENCE AND EXPOSITION, PROCEEDINGS, VOLS 1-3, 1997, : B181 - B196
[6] FESR: A Framework for Eliciting Security Requirements based on Integration of Common Criteria and Weakness Detection Formal Model
Li, Hongbo
Li, Xiaohong
Hao, Jianye
Xu, Guangquan
Feng, Zhiyong
Xie, Xiaofei
[J]. 2017 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY (QRS), 2017, : 352 - 363
[7] Research on formal security policy model specification and its formal analysis
Institute of Software, Chinese Academy of Sciences, Beijing 100080, China
不详
不详
[J]. Tongxin Xuebao, 2006, 6 (94-101):
[8] A formal model for data storage security evaluation
Bilski, Tomasz
[J]. ICCSA 2007: Proceedings of the Fifth International Conference on Computational Science and Applications, 2007, : 253 - 257
[9] Evaluation model for computer security software products based on ISO/IEC 15408 Common Criteria
Alejandro Chamorro, Jose
Pino, Francisco
[J]. SISTEMAS & TELEMATICA, 2011, 9 (19): : 69 - 92
[10] A common criteria framework for the evaluation of information technology systems security
Kruger, R
Eloff, JHP
[J]. INFORMATION SECURITY IN RESEARCH AND BUSINESS, 1997, : 197 - 209

← 1 2 3 4 5 →