Abstract
This paper presents a new approach for security evaluation criteria of network-based IT systems. The Extended Commercial Oriented Functionality Class (E-COFC) addresses a minimum set of security functionalities for the commercial market to reduce technical complexity, and to allow the cost-and time effective application. The standard addresses today’s commercial requirements with its different legal parties involved. In contrast to state-of-the art- approaches such as the Common Criteria, the standard address the contractual relationships the business processes are based on. The E-COFC is considered as a baseline standard commercial enterprises can measure against.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
“Trusted Computer Systems Evaluation Criteria”, DoD 5200.28-STD, Department of Defense, United States of America, December 1985.
“Information Technology Security Evaluation Criteria (ITSEC)-Harmonized Criteria of France, Germany, the Netherlands, and the United Kingdom “, Vers 1.2, 1991.
“The Canadian Trusted Computer Product Evaluation Criteria”, Canadian System Security Center, Communications Security Establishment, Government of Canada, Version 3.0e, January 1993.
“Federal Criteria for Information Technology Security”, Vol. 1 and Vol. 2, Dec. 1992, National Institute Of Standards and Technology & National Security Agency.
“Common Criteria for Information Technology Security Evaluation”, Version 1.0, CCEB.
“Standard ECMA-205, Commercially Oriented Functionality Class for Security Evaluation (COFC) “, ECMA, December 1993.
“Draft Standard ECMA-999, Security Functionalities of the E-COFC, ECMA, March 1997
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1997 Friedr. Vieweg & Sohn Verlagsgesellschaft mbH, Braunschweig/Wiesbaden
About this chapter
Cite this chapter
Herrigel, A., French, R., Siebert, H., Stiegler, H., Tabuchi, H. (1997). The Extended Commercially Oriented Functionality Class for Network-based IT Systems. In: Müller, G., Rannenberg, K., Reitenspieß, M., Stiegler, H. (eds) Verläßliche IT-Systeme. DUD-Fachbeiträge. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-86842-8_19
Download citation
DOI: https://doi.org/10.1007/978-3-322-86842-8_19
Publisher Name: Vieweg+Teubner Verlag
Print ISBN: 978-3-528-05594-3
Online ISBN: 978-3-322-86842-8
eBook Packages: Springer Book Archive