Title :
Common Criteria Security Evaluation: A Time and Cost Effective Approach
Author :
Razzazi, Mohammadreza ; Jafari, Mojtaba ; Moradi, Sajjad ; Sharifipanah, Hossein ; Damanafshan, Morteza ; Fayazbakhsh, Kaveh ; Nickabadi, Ahmad
Author_Institution :
Dept. of Comput. Eng. & IT, Amirkabir Univ. of Technol., Tehran
Abstract :
Security is one of the most important concerns for both developers and consumers in the information technology (IT) world. Developing secure IT products demands some standards to assure the security level of the products. Common criteria (CC) standard is formed to achieve this goal. But like other standards, CC has its own problems. In this paper, we address two of these problems: abstraction and time problems. Abstraction in the context of common criteria evaluation methodology is one of the most significant problems in the IT product evaluation process. Furthermore, the other problem of evaluation process based on common criteria is that it is a time consuming process, so it eventually makes the process a costly one. To solve these two problems, we decompose the tasks mentioned in the CC standard into finer ones. Moreover, we propose various expertises and task parallelism for performing aforementioned finer tasks
Keywords :
DP industry; security of data; IT product evaluation process; abstraction problem; common criteria security evaluation; time problem; Computer security; Costs; Information security; Information technology; Internet; Parallel processing; Product development; Standards development; Telecommunication computing; Time sharing computer systems;
Conference_Titel :
Information and Communication Technologies, 2006. ICTTA '06. 2nd
Conference_Location :
Damascus
Print_ISBN :
0-7803-9521-2
DOI :
10.1109/ICTTA.2006.1684943
