원문정보
초록
영어
In these days, many organizations try to manage their information system in safe way(i.e., Evaluation, Assurance and Certification of Information Security) due to more rapidly change in information security system(i.e., Operational System). The CC (Common Criteria) is scheme to secure evaluation for information security solution. And the CC was approved by ISO/IEC 15408 in June, 1999 as international standard for information security system evaluation. The UK established C-TAS(CESG Tailored Assurance Service) that evaluate to IT product and software, and operational system. The Japan developed ISO/IEC19791 for information security operating system security evaluation. Thus, we are preparing operating system evaluation. This paper is to propose evaluation model related with operating system evaluation to be enforced in the future.
목차
1. Introduction
2. Evaluation Scope Model for Security Schemes
2.1 Security Evaluation Scheme for Operational System(ISO/IEC TR 19791)
2.2 Security Evaluation Scheme for Information Security Solution(ISO/IEC 15408)
2.3 Security Evaluation Scheme for Information Security Product and System(C-TAS)
3. Definition of evaluation scope
3.1 Temporal scope
3.2 Spatial scope
3.3 Functional scope
4. Conclusion
References