Abstract
At the specification phase, the developer of an IT security product identifies and documents applicable security objectives. Specifications are often intuitive and hard to assess and while being syntactically correct may still fail to appropriately capture the security problem addressed. A technique is proposed for expressing Common Criteria compliant security environments and security objectives for high assurance IT security products. The technique is validated by an analysis of the security specification for a device computing digital signatures within the European Union PKI framework. Modifications to the specification are proposed and the possibility of extending the CC treatment of security objectives is discussed.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
