The certification of the Mondex electronic purse to ITSEC Level E6
Formal Aspects of Computing
A formal security policy for xenon
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Hi-index | 0.00 |
The Common Criteria for Information Technology Security Evaluation (CC) is an international standard for evaluating secure computer systems. To obtain high Evaluation Assurance Level, CC requires formalism in the Development class. In the Security Policy Modeling of CC v3.1, the use of formal methods is mandatory. This paper gives a guideline for developing formal security policy model with Z notation in CC v3.1. We compare CC v3.1 to CC v2.3 with respect to security policy model. We explain a structure of formal security policy model written in Z, and provide a formal security policy model of a smart card operating system as an example.