• DocumentCode
    3054007
  • Title

    Supporting Compliance with Security Standards by Trust Case Templates

  • Author

    Cyra, Lukasz ; Górski, Janusz

  • Author_Institution
    Tech. Univ. of Gdansk, Gdansk
  • fYear
    2007
  • fDate
    14-16 June 2007
  • Firstpage
    91
  • Lastpage
    98
  • Abstract
    Trust cases are used to justify that a given object (a system, an infrastructure, an organization) exhibits certain properties. One of possible applications of trust cases is related to the processes of achieving and demonstrating the compliance with standards. A trust case template derived from a given standard constitutes a skeleton of justification (encompassing evidence and argumentation) of the compliance with the standard. The article explains the notion of trust case templates and provides some details on the template development process and a generic procedure of template application. The applicability of the proposed approach is demonstrated by referring to the results of a case study of evaluating an example (real) system against the BS 7799 security management standard.
  • Keywords
    security of data; BS 7799 security management standard; security standards; template development process; trust case templates; Documentation; Graphics; Investments; Risk analysis; Safety; Security; Skeleton; Standards development; Standards organizations; Tree graphs;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependability of Computer Systems, 2007. DepCoS-RELCOMEX '07. 2nd International Conference on
  • Conference_Location
    Szklarska
  • Print_ISBN
    0-7695-2850-3
  • Type

    conf

  • DOI
    10.1109/DEPCOS-RELCOMEX.2007.44
  • Filename
    4272896
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3054007