Title :
Supporting Compliance with Security Standards by Trust Case Templates
Author :
Cyra, Lukasz ; Górski, Janusz
Author_Institution :
Tech. Univ. of Gdansk, Gdansk
Abstract :
Trust cases are used to justify that a given object (a system, an infrastructure, an organization) exhibits certain properties. One of possible applications of trust cases is related to the processes of achieving and demonstrating the compliance with standards. A trust case template derived from a given standard constitutes a skeleton of justification (encompassing evidence and argumentation) of the compliance with the standard. The article explains the notion of trust case templates and provides some details on the template development process and a generic procedure of template application. The applicability of the proposed approach is demonstrated by referring to the results of a case study of evaluating an example (real) system against the BS 7799 security management standard.
Keywords :
security of data; BS 7799 security management standard; security standards; template development process; trust case templates; Documentation; Graphics; Investments; Risk analysis; Safety; Security; Skeleton; Standards development; Standards organizations; Tree graphs;
Conference_Titel :
Dependability of Computer Systems, 2007. DepCoS-RELCOMEX '07. 2nd International Conference on
Conference_Location :
Szklarska
Print_ISBN :
0-7695-2850-3
DOI :
10.1109/DEPCOS-RELCOMEX.2007.44
