Mapping Linux Security Targets to Existing Test Suites

  • C. A. Ardagna
  • E. Damiani
  • N. El Ioini
  • F. Frati
  • P. Giovannini
  • R. Tchokpon
Part of the IFIP – The International Federation for Information Processing book series (IFIPAICT, volume 275)

Abstract

The Common Criteria standard provides an infrastructure for evaluating security functions of IT products and for certifying that security policies claimed by product suppliers are correctly enforced by the security functions themselves. Certifying Open Source software (OSS) can pave the way to OSS adoption in a number of security-conscious application environments. Recent experiences in certifying Linux distributions has pointed out the problem of finding a mapping between descriptions of OSS security functions and existingtest suites developed independently, such as the Linux Test Project. In this paper, we describe a mechanism, based on matching techniques, which semiautomatically associates security functions to existing test suite such as the ones developed by Open Source communities.

Copyright information

© International Federation for Information Processing 2008

Authors and Affiliations

  • C. A. Ardagna
    • 1
  • E. Damiani
    • 1
  • N. El Ioini
    • 2
  • F. Frati
    • 1
  • P. Giovannini
    • 2
  • R. Tchokpon
    • 3
  1. 1.Department of Information TechnologyUniversity of MilanCrema (CR)Italy
  2. 2.Free University of Bozen-BolzanoItaly
  3. 3.Institut de Mathématiques et de Sciences PhysiquesBenin

Personalised recommendations