Abstract
A PP defines an implementation-independent set of IT security requirements for a category of TOEs. Consumers can therefore construct or cite a PP to express their IT security needs without reference to any specific TOE. Generally, PPs contain security assurance requirements about the security of development environment for IT product or system and they are described in ALC_DVS (Development Security) family in the part 3 of the Common Criteria (CC). This paper proposes some security environments for development site by analyzing the compliance between ALC_DVS.1 of the CC and Base Practices (BPs) of the Systems Security Engineering Capability Maturity.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ISO. ISO/IEC 15408-1: 1999 Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model
Kim, T.-h., Lee, T.-s., Cho, K.-m., Lee, K.-g.: The Comparison Between The Level of Process Model and The Evaluation Assurance Level. The Journal of The Information Assurance, KIAS 2(2) (2002)
Kim, T.-h., Sung, Y.-g., Cho, K.-m., Kim, S.-h., No, B.-g.: A Study on The Efficiency Elevation Method of IT Security System Evaluation via Process Improvement. The Journal of The Information Assurance, KIAS 3(1) (2003)
Kim, T.-h., Lee, T.-s., Kim, M.-c., Kim, S.-m.: Relationship Between Assurance Class of CC and Product Development Process. In: The 6th Conference on Software Engineering Technology, SETC (2003)
Shin, H.-J., Kim, H.-K., Kim, T.-H., Kim, S.-H.: A study on the Requirement Analysis for Lifecycle based on Common Criteria. in: Proceedings of The 30th KISS Spring Conference, KISS (2003)
Kim, T.-H., No, B.-G., Lee, D.-c.: Threat Description for the PP by Using the Concept of the Assets Protected by TOE. In: Sloot, P.M.A., Abramson, D., Bogdanov, A.V., Gorbachev, Y.E., Dongarra, J., Zomaya, A.Y. (eds.) ICCS 2003. LNCS, vol. 2660, pp. 605–613. Springer, Heidelberg (2003)
Kim, H.-K., Kim, T.-H., Kim, J.-s.: Reliability Assurance in Development Process for TOE on the Common Criteria. In: 1st ACIS International Conference on SERA (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, Sy., Shin, Mc. (2005). Protection Profile for Software Development Site. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2005. ICCSA 2005. Lecture Notes in Computer Science, vol 3481. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11424826_53
Download citation
DOI: https://doi.org/10.1007/11424826_53
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25861-2
Online ISBN: 978-3-540-32044-9
eBook Packages: Computer ScienceComputer Science (R0)