Skip to main content
SpringerLink
Log in

Security Evaluation Targets for Enhancement of IT Systems Assurance

  • Conference paper
Computational Science and Its Applications – ICCSA 2005 (ICCSA 2005)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3481))

Included in the following conference series:

Abstract

The general systems of today are composed of a number of components such as servers and clients, protocols, services, and so on. Systems connected to network have become more complex and wide, but the researches for the systems are focused on the ‘performance’ or ‘efficiency’. While most of the attention in system security has been focused on encryption technology and protocols for securing the data transaction, it is critical to note that a weakness (or security hole) in any one of the components may comprise whole system. Security engineering is needed for reducing security holes may be included in the IT systems. This paper proposes a method for securing the IT systems. This paper proposes IT system security evaluation and certification for achieving some level of assurance each owners of their IT systems want to get.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Kim, T.-h., Lee, T.-s., Cho, K.-m., Lee, K.-g.: The Comparison Between The Level of Process Model and The Evaluation Assurance Level. The Journal of The Information Assurance, KIAS 2(2) (2002)

    Google Scholar 

  2. Kim, S., Lee, H.J., Leem, C.S.: Applying the ISO17799 Baseline Controls as a Security Engineering Principle under the Sarbanes-Oxley Act. In: ICCMSE 2004 (2004)

    Google Scholar 

  3. Kim, T.-h., Sung, Y.-g., Cho, K.-m., Kim, S.-h., No, B.-g.: A Study on The Efficiency Elevation Method of IT Security System Evaluation via Process Improvement. The Journal of The Information Assurance, KIAS 3(1) (2003)

    Google Scholar 

  4. Kim, T.-h., Lee, T.-s., Kim, M.-c., Kim, S.-m.: Relationship Between Assurance Class of CC and Product Development Process. In: The 6th Conference on Software Engineering Technology, SETC (2003)

    Google Scholar 

  5. Shin, H.-J., Kim, H.-K., Kim, T.-H., Kim, S.-H.: A study on the Requirement Analysis for Lifecycle based on Common Criteria. In: Proceedings of The 30th KISS Spring Conference, KISS (2003)

    Google Scholar 

  6. Kim, T.-H., No, B.-G., Lee, D.-c.: Threat Description for the PP by Using the Concept of the Assets Protected by TOE. In: Sloot, P.M.A., Abramson, D., Bogdanov, A.V., Gorbachev, Y.E., Dongarra, J., Zomaya, A.Y. (eds.) ICCS 2003. LNCS, vol. 2660, pp. 605–613. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Kim, H.-K., Kim, T.-H., Kim, J.-S.: Reliability Assurance in Development Process for TOE on the Common Criteria. In: 1st ACIS International Conference on SERA

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1.  , San-7, Geoyeo-Dong, Songpa-Gu, Seoul, Korea

    Tai-hoon Kim

  2. Dept. of Information & Communication Eng., SKK Univ., Kyonggi, 440-746, Korea

    Seung-youn Lee

Authors
  1. Tai-hoon Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seung-youn Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Mathematics and Computer Science, University of Perugia, via Vanvitelli, 1, I-06123, Perugia, Italy

    Osvaldo Gervasi

  2. Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada

    Marina L. Gavrilova

  3. William Norris Professor, Head of the Computer Science and Engineering Department, University of Minnesota, USA

    Vipin Kumar

  4. Department of Chemistry, University of Perugia, Via Elce di Sotto, 8, P.O. Box, I-06123, Perugia, Italy

    Antonio Laganà

  5. Institute of High Performance Computing, IHCP, 1 Science Park Road, 01-01 The Capricorn, Singapore Science Park II, 117528, Singapore

    Heow Pueh Lee

  6. School of Computing, Soongsil University, Seoul, Korea

    Youngsong Mun

  7. Clayton School of IT, Monash University, 3800, Clayton, Australia

    David Taniar

  8. OptimaNumerics Ltd, P.O. Box, Belfast, United Kingdom

    Chih Jeng Kenneth Tan

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, Th., Lee, Sy. (2005). Security Evaluation Targets for Enhancement of IT Systems Assurance. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2005. ICCSA 2005. Lecture Notes in Computer Science, vol 3481. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11424826_52

Download citation

  • DOI: https://doi.org/10.1007/11424826_52

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25861-2

  • Online ISBN: 978-3-540-32044-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation