2018年10月
Development of Supporting Environment for IT System Security Evaluation Based on ISO/IEC 15408 and ISO/IEC 18045
Proceedings of 2018 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovations
- ,
- ,
- ,
- 開始ページ
- 204
- 終了ページ
- 209
- 記述言語
- 英語
- 掲載種別
- 研究論文(国際会議プロシーディングス)
- DOI
- 10.1109/SmartWorld.2018.00070
ISO/IEC 15408 and ISO/IEC 18045 are a pair of international competitive standards for security evaluation and certification of IT systems. Evaluation based on ISO/IEC 15408 and ISO/IEC 18045 is a very complex process that involves tens of documents and tasks. Performing the tasks in evaluation process by human costs a lot of time and it is also difficult to ensure impartial and no subjective mistakes. These issues not only result in consuming a lot of time, but also affect the fairness, correctness and accuracy of evaluation results. A supporting environment was proposed to provide necessary software tools to supports all tasks in the evaluation process automatically to ensure the quality of evaluation resultsat the same time reduce the complexity of all evaluator and certifiers' work. To provide full facilities of the supporting environment, we must clarify every task in the evaluation process and provide appropriate methods for developing supporting tools. This paper deeply analyzes all of the software supportable tasks in the evaluation process and clarifies all detail targets for each task. And then we also provide corresponding methods to support these tasks. This paper also shows a set of developed supporting tools that can perform the evaluation tasks in an organized way.
- リンク情報
- ID情報
-
- DOI : 10.1109/SmartWorld.2018.00070