Threat description for the PP by using the concept of the assets protected by TOE

Authors:
Tai-hoon Kim;Byung-gyu No;Dong Chun Lee
Affiliations:
KISA, Seoul, Korea;KISA, Seoul, Korea;Dept. of Computer Science Howon Univ., Korea
Venue:
ICCS'03 Proceedings of the 2003 international conference on Computational science
Year:
2003

Citing 1
Cited 9

Wireless Security: Models, Threats, and Solutions

Wireless Security: Models, Threats, and Solutions

Development system security process of ISO/IEC TR 15504 and security considerations for software process improvement

ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Design procedure of IT systems security countermeasures

ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Security evaluation targets for enhancement of IT systems assurance

ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Protection profile for software development site

ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Software design method enhanced by appended security requirements

PCM'04 Proceedings of the 5th Pacific Rim conference on Advances in Multimedia Information Processing - Volume Part I
Towards new areas of security engineering

RSFDGrC'05 Proceedings of the 10th international conference on Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing - Volume Part II
Applying security engineering to build security countermeasures: an introduction

PARA'04 Proceedings of the 7th international conference on Applied Parallel Computing: state of the Art in Scientific Computing
Intelligent method for building security countermeasures by applying dr. t.h. kim's block model

KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
A relationship between products evaluation and IT systems assurance

KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I

Quantified Score

Hi-index	0.00

Visualization

Abstract

Evaluation has been the traditional means of providing assurance and is the basis for prior evaluation criteria documents such as ITSEC. The Common Criteria (CC) defines a Protection Profile (PP) that defines the security environments and specifies the security requirements and protections of the product to be evaluated. The security environments consist of assumptions, threats, and organizational security policies, so the editor of the PP must describe the threats for the PP. In this paper, we propose a method for the description of the threats for the PP by introducing the concept of the assets protected by Target of Evaluations (TOE).