Abstract
In this paper is expanded a process of evaluation by means of which to determine the functional security requirements of an Information Technology (IT) system. The said process of evaluation has been developed on the bases of two sources currently used to determine the functional security requirements obtaining to an IT system; the first being the new foundation for information security, namely a framework that defines information security as a whole, and the second being the Common Criteria which are used to place information security functions within a framework. These two frameworks are used conjointly to determine the functional security requirements of an IT system. The two frameworks are also defined in such a way as to enable automation of the evaluation process.KeywordsInformation securityCommon Criterianew foundation for information securityfunctional security requirementssecurity functionsinformation security evaluation
Published Version (Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have