On the Operational Security Assurance Evaluation of Networked IT Systems

  • Conference paper
Smart Spaces and Next Generation Wired/Wireless Networking (ruSMART 2009, NEW2AN 2009)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 5764)

Abstract

In this paper, we introduce and discuss the problem of system security assurance assessment. We first define and position security assurance in the context of modern networked IT systems. We then motivate and discuss its use. Next, we define the problem of operational security assurance evaluation. We present and compare two orthogonal approaches to such an evaluation: a spec-based approach, which is an extension of the Common Criteria to systems in operation, and a direct approach, which relies on network management. Finally, we show examples and the pros and cons of both approaches.

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hecker, A., Riguidel, M. (2009). On the Operational Security Assurance Evaluation of Networked IT Systems. In: Balandin, S., Moltchanov, D., Koucheryavy, Y. (eds) Smart Spaces and Next Generation Wired/Wireless Networking. ruSMART NEW2AN 2009 2009. Lecture Notes in Computer Science, vol 5764. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04190-7_24

  • DOI: https://doi.org/10.1007/978-3-642-04190-7_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04188-4

  • Online ISBN: 978-3-642-04190-7

  • eBook Packages: Computer Science, Computer Science (R0)
