Title :
Supporting verification and validation of security targets with ISO/IEC 15408
Author :
Da Bao ; Miura, Jun ; Ning Zhang ; Goto, Yasunori ; Jingde Cheng
Author_Institution :
Dept. of Inf. & Comput. Sci., Saitama Univ., Saitama, Japan
Abstract :
ISO/IEC 15408 is an international standard for security evaluation of information systems, and can be applied throughout the software life cycle to improve the security of information systems. A Security Target, which contains the specifications of the security functions of the target system, is the most important document in developing a system according to ISO/IEC 15408. Verification and validation of Security Targets must be strictly performed before development of the system. This paper analyzes and clarifies 168 targets that Security Targets must satisfy, based on ISO/IEC 18045, and provides the procedures for examining those targets. The paper then proposes comprehensive methods to support verification and validation of Security Targets. With these methods, we can implement comprehensive supporting tools for verification and validation of Security Targets.
Keywords :
IEC standards; ISO standards; formal specification; information systems; program verification; security of data; software standards; ISO/IEC 15408; ISO/IEC 18045; international standard; security evaluation; security functions specifications; security targets validation; security targets verification; software life cycle; system development; Abstracts; Hardware; Security; Software; information security; security target; verification and validation
Conference_Title :
Mechatronic Sciences, Electric Engineering and Computer (MEC), Proceedings 2013 International Conference on
Conference_Location :
Shengyang
Print_ISBN :
978-1-4799-2564-3
DOI :
10.1109/MEC.2013.6885475