Applying Security Engineering to Build Security Countermeasures: An Introduction

Kim, Tai-hoonn; Kwon, Ho-yeol

doi:10.1007/11558958_116

Tai-hoonn Kim¹⁹ &
Ho-yeol Kwon²⁰

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3732))

Included in the following conference series:

International Workshop on Applied Parallel Computing

1418 Accesses

Abstract

The general systems of today are composed of a number of components such as servers and clients, protocols, services, and so on. Systems connected to network have become more complex and wide, but the researches for the systems are focused on the ’performance’ or ’efficiency’. While most of the attention in system security has been focused on encryption technology and protocols for securing the data transaction, it is critical to note that a weakness (or security hole) in any one of the components may comprise whole system. Security engineering is needed for reducing security holes may be included in the software. Therefore, more security-related researches are needed to reduce security weakness may be included in the software. This paper introduces some methods for reducing the threat to the system by applying security engineering, and proposes a method for building security countermeasure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 129.00; Price excludes VAT (USA)

Softcover Book: USD 169.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

ISO. ISO/IEC 21827 Information technology - Systems Security Engineering Capability Maturity Model (SSE-CMM)
Google Scholar
ISO. ISO/IECTR 15504-2:1998 Information technology - Software process assessment - Part 2: A reference model for processes and process capability
Google Scholar
ISO. ISO/IECTR 15504-5:1998 Information technology - Software process assessment - Part 5: An assessment model and indicator guidance
Google Scholar
ISO. ISO/IEC 15408-1:1999 Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model
Google Scholar
ISO. ISO/IEC 15408-2:1999 Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional requirements
Google Scholar
ISO. ISO/IEC 15408-3:1999 Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance requirements
Google Scholar
Tai-Hoon, K.: Approaches and Methods of Security Engineering. In: ICCMSE 2004 (2004)
Google Scholar
Kim, T.-H., No, B.-G., Lee, D.-c.: Threat Description for the PP by Using the Concept of the Assets Protected by TOE. In: Sloot, P.M.A., Abramson, D., Bogdanov, A.V., Gorbachev, Y.E., Dongarra, J., Zomaya, A.Y. (eds.) ICCS 2003. LNCS, vol. 2660, pp. 605–613. Springer, Heidelberg (2003)
Chapter Google Scholar
Kim, T.-h., Lee, T.-s., Cho, K.-m., Lee, K.-g.: The Comparison Between The Level of Process Model and The Evaluation Assurance Level. The Journal of The Information Assurance 2(2), KIAS (2002)
Google Scholar
Kim, T.-h., Sung, Y.-g., Cho, K.-m., Kim, S.-h., No, B.-g.: A Study on The Efficiency ElevationMethod of IT Security SystemEvaluation via Process Improvement. The Journal of The Information Assurance 3(1), KIAS (2003)
Google Scholar
Kim, T.-h., Lee, T.-s., Kim, M.-c., Kim, S.-m.: Relationship Between Assurance Class of CC and Product Development Process. In: The 6th Conference on Software Engineering Technology, SETC (2003)
Google Scholar
Shin, H.-J., Kim, H.-K., Kim, T.-H., Kim, S.-H.: A study on the Requirement Analysis for Lifecycle based on Common Criteria. In: Proceedings of The 30th KISS Spring Conference, KISS (2003)
Google Scholar
Kim, T.-H., No, B.-G., Lee, D.-c.: Threat Description for the PP by Using the Concept of the Assets Protected by TOE. In: Sloot, P.M.A., Abramson, D., Bogdanov, A.V., Gorbachev, Y.E., Dongarra, J., Zomaya, A.Y. (eds.) ICCS 2003. LNCS, vol. 2660, pp. 605–613. Springer, Heidelberg (2003)
Chapter Google Scholar
Kim, H.-K., Kim, T.-H., Kim, J.-s.: Reliability Assurance in Development Process for TOE on the Common Criteria. In: 1st ACIS International Conference on SERA
Google Scholar

Download references

Author information

Authors and Affiliations

, San-7, Geoyeo-Dong, Songpa-Gu, Seoul, Korea
Tai-hoonn Kim
Gangwon University, 192-1, Hyoja2-Dong, Chunchon, Kangwon-Do, 200-701, Korea
Ho-yeol Kwon

Authors

Tai-hoonn Kim
View author publications
You can also search for this author in PubMed Google Scholar
Ho-yeol Kwon
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Computer Science Department, University of Tennessee, 37996-3450, Knoxville, TN, USA
Jack Dongarra
Department of Informatics and Mathematical Modelling, Technical University of Denmark, DK-2800, Lyngby, Denmark
Kaj Madsen
Informatics & Mathematical Modeling, Technical University of Denmark, DK-2800, Lyngby, Denmark
Jerzy Waśniewski

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kim, Th., Kwon, Hy. (2006). Applying Security Engineering to Build Security Countermeasures: An Introduction. In: Dongarra, J., Madsen, K., Waśniewski, J. (eds) Applied Parallel Computing. State of the Art in Scientific Computing. PARA 2004. Lecture Notes in Computer Science, vol 3732. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11558958_116

Download citation

DOI: https://doi.org/10.1007/11558958_116
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29067-4
Online ISBN: 978-3-540-33498-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics