A Proposal of Appropriate Evaluation Scheme for Exchangeable CAS (XCAS),

  • Yu-na Hwang
  • Hanjae Jeong
  • Sungkyu Cho
  • Songyi Kim
  • Dongho Won
  • Seungjoo Kim
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6047)

Abstract

A conditional access system (CAS) only allows appropriate users to get access to contents. The advent of exchangeable CAS (XCAS) that updated version of CAS is developed. But the standards or evaluation schemes for XCAS are absent, so many interoperability problems among XCAS of each company may have to be occurred. Therefore, a specific scheme that can evaluate the security and suitability of exchangeable conditional access systems has been requested. In this paper, we propose an appropriate evaluation scheme for XCAS. The evaluation scheme includes an evaluation purpose and four components to evaluate the evaluation target, the evaluation process, the evaluation subject, and the evaluation cost involved.

Keywords

XCAS exchangeable CAS Conditional Access System CC Common Criteria CMVP EMV PCIDSS DCAS downloadable CAS 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    OpenCableTM Technical Reports, DCAS System Overview Technical Report, OC-TR-DCAS-D02-060912 (2006)Google Scholar
  2. 2.
    NCTA DCAS Report to FCC (November 2005)Google Scholar
  3. 3.
  4. 4.
  5. 5.
    ISO/IEC 15408-1, Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general modelGoogle Scholar
  6. 6.
    ISO/IEC 15408-2, Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional requirementsGoogle Scholar
  7. 7.
    ISO/IEC 15408-3, Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance requirementsGoogle Scholar
  8. 8.
    NIST, FIPS 140-2: Security Requirements For Cryptographic Modules (May 2001)Google Scholar
  9. 9.
  10. 10.
  11. 11.
  12. 12.
  13. 13.
    EMVCo, LLC. EMVCo Type Approval – Contact Terminal Level 1 – Administrative Process Version 5.0 (January 2009)Google Scholar
  14. 14.
    EMVCo, LLC. EMVCo Type Approval – Contact Terminal Level 2 – Administrative Process Version 2.0 (January 2009)Google Scholar
  15. 15.
  16. 16.
    PCI Security Standard Council, Payment Card Industry (PCI) Data Security Standard: Requirements and Security Assessment Procedures Version 1.2.1 (July 2009)Google Scholar
  17. 17.
  18. 18.
    Digital Cinema Initiatives, LLC, Digital Cinema System Specification Compliance Test Plan Version 1.1 (May 2009)Google Scholar
  19. 19.
    Digital Cinema Initiatives, LLC, Digital Cinema System Specification Version 1.2 (March 2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Yu-na Hwang
    • 1
  • Hanjae Jeong
    • 1
  • Sungkyu Cho
    • 1
  • Songyi Kim
    • 1
  • Dongho Won
    • 1
  • Seungjoo Kim
    • 1
  1. 1.Information Security Group, School of Information and Communication EngineeringSungkyunkwan UniversityGyeonggi-doKorea

Personalised recommendations