CC-Case B ased on System Development Life-Cycle Process
Proceeding: The International Conference on Computer Security and Digital Investigation (ComSec)Publication Date: 2014-03-18
Authors : Tomoko Kaneko; Shuichiro Yamamoto; Hidehiko Tanaka;
Page : 29-35
Keywords : Assurance Case; CC; GSN; ISO/IEC15026; ISO/IEC 15408; Risk Management; Security assurance;
Abstract
Secure system d esign faces many risks such as information leakage and denial of service. We propose a method named CC-Case to describe security assurance cases based on the security structures and thereat analysis. CC-Case uses Common Criteria (ISO/IEC15408) and Assurance Case (ISO/IEC15026 part2). While the scope of CC-Case mainly focuses to the requirement stage, CC-Case can handle the life-cycle process of system design, which contains the requirement, design, implementation, test and the maintenance stages. Risks in system development are categorized 3 types: Customer agreement risk, Business continuity risk, and System risk. The life-cycle process of CC-Case strengthens the treatment for system risk and business continuity risk by life-cycle support.
Other Latest Articles
- Cyber Secur ity of Smart Grid Systems Using Intrusion Detection Methods
- A Game The ory Based Approach to the Generation of Optimal DDoS Defending Strategy
- Using Genetic Algorithm to Supporting Artificial Neural Network for Intrusion Detection System
- Neglected vaginal pessary
- Tuboenterocutaneous fistula following caesarean section
Last modified: 2014-03-26 22:59:18