Abstract
The general systems of today are composed of a number of components such as servers and clients, protocols, services, and so on. Systems connected to network have become more complex and wide, but the researches for the systems are focused on the ‘performance’ or ‘efficiency’. While most of the attention in system security has been focused on encryption technology and protocols for securing the data transaction, it is critical to note that a weakness (or security hole) in any one of the components may comprise whole system. Security engineering is needed for reducing security holes may be included in the IT systems. This paper proposes a method for securing the IT systems. This paper proposes IT system security evaluation and certification for achieving some level of assurance each owners of their IT systems want to get.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kim, T.-h., Lee, T.-s., Cho, K.-m., Lee, K.-g.: The Comparison Between The Level of Process Model and The Evaluation Assurance Level. The Journal of The Information Assurance, KIAS 2(2) (2002)
Kim, S., Lee, H.J., Leem, C.S.: Applying the ISO17799 Baseline Controls as a Security Engineering Principle under the Sarbanes-Oxley Act. In: ICCMSE 2004 (2004)
Kim, T.-h., Sung, Y.-g., Cho, K.-m., Kim, S.-h., No, B.-g.: A Study on The Efficiency Elevation Method of IT Security System Evaluation via Process Improvement. The Journal of The Information Assurance, KIAS 3(1) (2003)
Kim, T.-h., Lee, T.-s., Kim, M.-c., Kim, S.-m.: Relationship Between Assurance Class of CC and Product Development Process. In: The 6th Conference on Software Engineering Technology, SETC (2003)
Shin, H.-J., Kim, H.-K., Kim, T.-H., Kim, S.-H.: A study on the Requirement Analysis for Lifecycle based on Common Criteria. In: Proceedings of The 30th KISS Spring Conference, KISS (2003)
Kim, T.-H., No, B.-G., Lee, D.-c.: Threat Description for the PP by Using the Concept of the Assets Protected by TOE. In: Sloot, P.M.A., Abramson, D., Bogdanov, A.V., Gorbachev, Y.E., Dongarra, J., Zomaya, A.Y. (eds.) ICCS 2003. LNCS, vol. 2660, pp. 605–613. Springer, Heidelberg (2003)
Kim, H.-K., Kim, T.-H., Kim, J.-S.: Reliability Assurance in Development Process for TOE on the Common Criteria. In: 1st ACIS International Conference on SERA
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, Th., Lee, Sy. (2005). Security Evaluation Targets for Enhancement of IT Systems Assurance. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2005. ICCSA 2005. Lecture Notes in Computer Science, vol 3481. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11424826_52
Download citation
DOI: https://doi.org/10.1007/11424826_52
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25861-2
Online ISBN: 978-3-540-32044-9
eBook Packages: Computer ScienceComputer Science (R0)