{"title":"与ISO/IEC 15408相关的软件可支持任务分析","authors":"Ning Zhang, A. Suhaimi, Y. Goto, Jingde Cheng","doi":"10.1109/CIS.2013.132","DOIUrl":null,"url":null,"abstract":"From the perspective of information security engineering, ISO/IEC 15408, one of ISO/IEC security standards, plays an important role to ensure the whole security of an information/software system. ISO/IEC 15408 is a complex security standard which requires involvement of wide range of participants to perform a quite number of tasks as well as various documents. ISO/IEC 15408 is periodically reviewed and maintained to achieve ongoing improvement so that workflow of tasks and contents/format of documents related with the standard are changed according to changes of the standards. Consequently, it is difficult to do all of the tasks related with ISO/IEC 15408 without any supporting tools. However, there is no study to identify which tasks related with ISO/IEC 15408 can be supported by software tools. Indeed, no one makes clear what the tasks and participants exist. This paper presents the first analysis to identify all software supportable tasks related with ISO/IEC 15408. The paper enumerates all of the participants, documents, and tasks related with ISO/IEC 15408 and shows relationship among them, and identifies all software supportable tasks. The analysis and its results become a basis to construct an information security engineering environment based on ISO/IEC 15408 for ensuring the whole security of an information/software system.","PeriodicalId":294223,"journal":{"name":"2013 Ninth International Conference on Computational Intelligence and Security","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"An Analysis of Software Supportable Tasks Related with ISO/IEC 15408\",\"authors\":\"Ning Zhang, A. Suhaimi, Y. Goto, Jingde Cheng\",\"doi\":\"10.1109/CIS.2013.132\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"From the perspective of information security engineering, ISO/IEC 15408, one of ISO/IEC security standards, plays an important role to ensure the whole security of an information/software system. ISO/IEC 15408 is a complex security standard which requires involvement of wide range of participants to perform a quite number of tasks as well as various documents. ISO/IEC 15408 is periodically reviewed and maintained to achieve ongoing improvement so that workflow of tasks and contents/format of documents related with the standard are changed according to changes of the standards. Consequently, it is difficult to do all of the tasks related with ISO/IEC 15408 without any supporting tools. However, there is no study to identify which tasks related with ISO/IEC 15408 can be supported by software tools. Indeed, no one makes clear what the tasks and participants exist. This paper presents the first analysis to identify all software supportable tasks related with ISO/IEC 15408. The paper enumerates all of the participants, documents, and tasks related with ISO/IEC 15408 and shows relationship among them, and identifies all software supportable tasks. The analysis and its results become a basis to construct an information security engineering environment based on ISO/IEC 15408 for ensuring the whole security of an information/software system.\",\"PeriodicalId\":294223,\"journal\":{\"name\":\"2013 Ninth International Conference on Computational Intelligence and Security\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-12-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 Ninth International Conference on Computational Intelligence and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CIS.2013.132\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Ninth International Conference on Computational Intelligence and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.2013.132","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Analysis of Software Supportable Tasks Related with ISO/IEC 15408
From the perspective of information security engineering, ISO/IEC 15408, one of ISO/IEC security standards, plays an important role to ensure the whole security of an information/software system. ISO/IEC 15408 is a complex security standard which requires involvement of wide range of participants to perform a quite number of tasks as well as various documents. ISO/IEC 15408 is periodically reviewed and maintained to achieve ongoing improvement so that workflow of tasks and contents/format of documents related with the standard are changed according to changes of the standards. Consequently, it is difficult to do all of the tasks related with ISO/IEC 15408 without any supporting tools. However, there is no study to identify which tasks related with ISO/IEC 15408 can be supported by software tools. Indeed, no one makes clear what the tasks and participants exist. This paper presents the first analysis to identify all software supportable tasks related with ISO/IEC 15408. The paper enumerates all of the participants, documents, and tasks related with ISO/IEC 15408 and shows relationship among them, and identifies all software supportable tasks. The analysis and its results become a basis to construct an information security engineering environment based on ISO/IEC 15408 for ensuring the whole security of an information/software system.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
