Abstract
Common Criteria (CC) provides only the standard for evaluating information security product or system. CC based evaluation on system auditing is considered crucial for the overall evaluation and in trouble without an effective method; however, the information system is a large-scale complex system. It includes many uncertain factors, as software, hardware, people and so on. As a result, information systems security risk is related to many ambiguous factors, what are difficult to measure, with ambiguity. In this paper, a method for system auditing based on baseline assessment was presented, In our method, analytic hierarchy process is introduced, which could be used to evaluate the security situation of information system.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
