Holistic and Law Compatible IT Security Evaluation: Integration of Common Criteria, ISO 27001/IT-Grundschutz and KORA

Daniela Simić-Draws, Stephan Neumann, Anna Kahlert, Philipp Richter, Rüdiger Grimm, Melanie Volkamer, Alexander Roßnagel
Copyright: © 2013 | Volume: 7 | Issue: 3 | Pages: 20
ISSN: 1930-1650 | EISSN: 1930-1669 | EISBN13: 9781466634084 | DOI: 10.4018/jisp.2013070102
MLA

Simić-Draws, Daniela, et al. "Holistic and Law Compatible IT Security Evaluation: Integration of Common Criteria, ISO 27001/IT-Grundschutz and KORA." IJISP vol.7, no.3 2013: pp.16-35. http://doi.org/10.4018/jisp.2013070102

APA

Simić-Draws, D., Neumann, S., Kahlert, A., Richter, P., Grimm, R., Volkamer, M., & Roßnagel, A. (2013). Holistic and Law Compatible IT Security Evaluation: Integration of Common Criteria, ISO 27001/IT-Grundschutz and KORA. International Journal of Information Security and Privacy (IJISP), 7(3), 16-35. http://doi.org/10.4018/jisp.2013070102

Chicago

Simić-Draws, Daniela, et al. "Holistic and Law Compatible IT Security Evaluation: Integration of Common Criteria, ISO 27001/IT-Grundschutz and KORA," International Journal of Information Security and Privacy (IJISP) 7, no.3: 16-35. http://doi.org/10.4018/jisp.2013070102

Abstract

Common Criteria and ISO 27001/IT-Grundschutz are well-acknowledged evaluation standards for the security of IT systems and the organisation they are embedded in. These standards take a technical point of view. In legally sensitive areas, however, such as the processing of personal information or online voting, compliance with the legal specifications is of high importance for the users’ trust in an IT system and thus for the success of this system. This article shows how standards for the evaluation of IT security may be integrated with the KORA approach for law compatible technology design to the benefit of both: increased confidence in IT systems and their conformity with the law on the one hand, and a concrete possibility for legal requirements to be integrated into technology design from the start on the other. The soundness of this interdisciplinary work will be presented in an exemplary application to online voting.
