Abstract
In the present work, we propose and validate a Common Criteria Standard Protection Profile (sPP) for videoconferencing equipment. The research presents the definition and analysis of the homologation system used to validate the standard protection profile, focusing on its application focused in a large Brazilian financial company. We address the main points to consider in the acquisition and current use of this product: reasonable information security assumptions, technical standards, recommendations, and international best cybersecurity practices. As a result, we have developed a Standard Protection Profile identifying the information security risks involved and the minimum parameters required in those systems acquired and used for Government environments. This paper also presents all tests performed to validate the proposed sPP. As the application is critical, involving sensitive data, our results can also foster less risky conditions in the myriad situations caused by the COVID pandemic.
Highlights
Information Technology (IT) is critical for most businesses and services these days [1]
As a solution to mitigate information security risks in virtual meetings made possible by videoconferencing equipment, we propose a set of security requirements organized according to the so-called Common Criteria Standard
Florentino et al.: Proposal and Validation of a Standard Protection Profile for Homologation a complete, non-cloud-based solution for the homologation of in-house systems supplied for high-sensitivity applications, and have validated it by analyzing an entire video conference system applied in the largest Brazilian bank
Summary
Information Technology (IT) is critical for most businesses and services these days [1]. As we depend on Information Technologies, it has become increasingly important to guarantee their security protection. Businesses and services use digital technologies based on assumptions of the availability of information and the integrity, reliability, and confidentiality of computer systems. Our focus is on guaranteeing that mechatronics systems for videoconferencing meet adequate security requirements. As a solution to mitigate information security risks in virtual meetings made possible by videoconferencing equipment, we propose a set of security requirements organized according to the so-called Common Criteria Standard. We address the security aspects of such systems. B. Florentino et al.: Proposal and Validation of a Standard Protection Profile for Homologation a complete, non-cloud-based solution for the homologation of in-house systems supplied for high-sensitivity applications, and have validated it by analyzing an entire video conference system applied in the largest Brazilian bank. Section five offers our discussion, and the final section sets out the conclusions
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
