Title :
Measuring IT security - a method based on common criteria´s security functional requirements
Author :
Hunstad, Amund ; Hallberg, Jonas ; Andersson, Richard
Author_Institution :
Dept. of Syst. Anal. & IT Security, Swedish Defence Res. Agency, Sweden
Abstract :
A networked defense, and the networked information society, requires both trustworthy information systems and that users and societies trust these systems. Since the trustworthiness of systems depends on the level of IT security, the ability to assess the IT security ability is vital. Currently, there are no efficient methods for establishing the level of IT security in information systems. The main results described in this paper are: a set of security functions needed in systems, based on the security functional requirements of the Common Criteria (CC, 1999) and a method using the set of security functions to assess the securability of components in distributed information systems. Work in progress focuses on system-wide evaluations.
Keywords :
data integrity; distributed databases; formal specification; security of data; Common Criteria security functional requirements; IT security; distributed information systems; trustworthy information systems; Availability; Distributed information systems; Humans; Information security; Information systems; Power system security; Testing;
Conference_Titel :
Information Assurance Workshop, 2004. Proceedings from the Fifth Annual IEEE SMC
Print_ISBN :
0-7803-8572-1
DOI :
10.1109/IAW.2004.1437821
