2015 | OriginalPaper | Buchkapitel
A Supporting Environment for IT System Security Evaluation Based on ISO/IEC 15408 and ISO/IEC 18045
verfasst von : Huilin Chen, Da Bao, Yuichi Goto, Jingde Cheng
Erschienen in: Computer Science and its Applications
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
ISO/IEC 15408 and ISO/IEC 18045 are a pair of international standards for security evaluation and certification of IT systems. However, security evaluation based on this pair of standards is not an easy work. There are many activities and documents in the whole evaluation process. Complicated tasks in evaluation process may cause people making mistakes in intermediate products and evaluation results. It is also difficult to ensure that evaluation is fair and transparent, although each evaluator tries to evaluate a target system earnestly, evaluation results may be different because of evaluators’ biases. Moreover, to manage a lot of intermediate products in evaluation process is not easy task even for experienced evaluators. This paper presents a supporting environment for IT system security evaluation based on ISO/IEC 15408 and ISO/IEC 18045 which can support all tasks related to security evaluation by guiding and helping evaluators to perform these tasks regularly, and also can support the management of all documents and intermediate products in the whole evaluation process.