Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Analyzing Common Criteria Shortcomings to Improve its Efficacy
Blekinge Institute of Technology, School of Computing.
Blekinge Institute of Technology, School of Computing.
2009 (English)Independent thesis Advanced level (degree of Master (Two Years))Student thesisAlternative title
Analysera gemensamma Kriterier Brister att förbättra sin effektivitet (Swedish)
Abstract [en]

Information security has become a key concern for organizations conducting business in the current electronic era. Rapid technological development continuously creates novel security threats, making IT an uncertain infrastructure. So the security is an important factor for the vendors as well as for the consumers. To fulfill the security needs, IT companies have to adopt some standards to assure some levels that concern with the security in their product. Common Criteria (CC) is one of the standards that maintains and controls the security of IT products. Many other standards are also available to assure the security in products but like these standards CC has its own pros and cons. It does not impose predefined security rules that a product should exhibit but a language for security evaluation. CC has certain advantages due to its ability to address all the three dimensions: a) it provides opportunity for users to specify their security requirements, b) an implementation guide for the developers and c) provides comprehensive criteria to evaluate the security requirements. On the downside, it requires considerable amount of resources and is quite time consuming. Another is security requirements that it evaluates and must be defined before the project start which is in direct conflict with the rapidly changing security threat environment. In this research thesis we will analyze the core issues and find the major causes for the criticism. Many IT users in USA and UK have reservations with CC evaluation because of its limitations. We will analyze the CC shortcomings and document them that will be useful for researchers to have an idea of shortcomings associated with CC. This study will potentially be able to strengthen the CC usage with a more effective and responsive evaluation methodology for IT community.

Place, publisher, year, edition, pages
2009. , p. 49
Keywords [en]
CC, Common Criteria, Evaluation of Common Criteria, Analyzing Common Criteria, Common Criteria Shortcomings, Information Technology
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:bth-4776Local ID: oai:bth.se:arkivex99653AC4F8D9C592C12575D700340EEDOAI: oai:DiVA.org:bth-4776DiVA, id: diva2:832124
Uppsok
Technology
Supervisors
Note
Rana Aamir Raza Ashfaq (0046-76-2473148)Available from: 2015-04-22 Created: 2009-06-16 Last updated: 2018-01-11Bibliographically approved

Open Access in DiVA

fulltext(567 kB)1054 downloads
File information
File name FULLTEXT01.pdfFile size 567 kBChecksum SHA-512
7d34f35e8fd2da405bcd1ec8e2673891ee70d82a2c3547d0f2634b749c9065965b9bd4ce7cad7bc69b5e0297481b3c9c823bbae5a26039ae274210bd39f113db
Type fulltextMimetype application/pdf

By organisation
School of Computing
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 1054 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 339 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf