{"title":"A comparison of the Common Criteria with proposals of information systems security requirements","authors":"D. Mellado, E. Fernández-Medina, M. Piattini","doi":"10.1109/ARES.2006.2","DOIUrl":null,"url":null,"abstract":"Nowadays, security solutions are focused mainly on providing security defences; instead of solving one of the main reasons for security problems that refers to appropriate information systems (IS) design. Fortunately there are several standards, like the Common Criteria, which help to deal with the security requirements along all the IS development cycle. In this paper a comparative analysis of eight different relevant technical proposals, which place great importance on the establishing of security requirements in the development of IS, is carried out. And they provide some significant contributions in aspects related to security. Nevertheless, they only satisfy partly the necessary criteria for the establishment of security requirements, with guarantees and integration in the development of IS. Thus we conclude that they are not specific enough for dealing with security requirements in the first stages of IS development in a systematic and intuitive way.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"518 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"First International Conference on Availability, Reliability and Security (ARES'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2006.2","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 21
Abstract
Nowadays, security solutions are focused mainly on providing security defences; instead of solving one of the main reasons for security problems that refers to appropriate information systems (IS) design. Fortunately there are several standards, like the Common Criteria, which help to deal with the security requirements along all the IS development cycle. In this paper a comparative analysis of eight different relevant technical proposals, which place great importance on the establishing of security requirements in the development of IS, is carried out. And they provide some significant contributions in aspects related to security. Nevertheless, they only satisfy partly the necessary criteria for the establishment of security requirements, with guarantees and integration in the development of IS. Thus we conclude that they are not specific enough for dealing with security requirements in the first stages of IS development in a systematic and intuitive way.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
