A CC-based Security Engineering Process Evaluation Model

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Jongsook Lee Articles by Jieun Lee Articles by Seunghee Lee Articles by Byoungju Choi

27th Annual International Computer Software and Applications Conference

Dallas, Texas

November 03-November 06

ISBN: 0-7695-2020-0

	ASCII Text	x
	Jongsook Lee, Jieun Lee, Seunghee Lee, Byoungju Choi, "A CC-based Security Engineering Process Evaluation Model," Computer Software and Applications Conference, Annual International, pp. 130, 27th Annual International Computer Software and Applications Conference, 2003.

	BibTex	x
	@article{ 10.1109/CMPSAC.2003.1245332, author = {Jongsook Lee and Jieun Lee and Seunghee Lee and Byoungju Choi}, title = {A CC-based Security Engineering Process Evaluation Model}, journal ={Computer Software and Applications Conference, Annual International}, volume = {0}, year = {2003}, isbn = {0-7695-2020-0}, pages = {130}, doi = {http://doi.ieeecomputersociety.org/10.1109/CMPSAC.2003.1245332}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Software and Applications Conference, Annual International TI - A CC-based Security Engineering Process Evaluation Model SN - 0-7695-2020-0 SP EP A1 - Jongsook Lee, A1 - Jieun Lee, A1 - Seunghee Lee, A1 - Byoungju Choi, PY - 2003 KW - null VL - 0 JA - Computer Software and Applications Conference, Annual International ER -

Jongsook Lee, Ewha Womans University, Korea

Jieun Lee, Ewha Womans University, Korea

Seunghee Lee, Ewha Womans University, Korea

Byoungju Choi, Ewha Womans University, Korea

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CMPSAC.2003.1245332

Common Criteria(CC) provides only the standard for evaluating information security product or system, namely Target of Evaluation (TOE). On the other hand, SSE-CMM provides the standard for Security Engineering Process Evaluation. Based on the CC, TOE's security quality may be assured, but its disadvantage is that the development process is neglected. SSE-CMM seems to assure the quality of TOE developed in an organization equipped with security engineering process, but the TOE developed in such environment cannot avoid CC-based security assurance evaluation.

We propose an effective method of integrating two evaluation methods, CC and SSE-CMM, and develop CC-based assurance evaluation model, CC_SSE-CMM. CC_SSE-CMM presents the specific and realistically operable organizational security process maturity assessment and CC evaluation model.

Citation:

Jongsook Lee, Jieun Lee, Seunghee Lee, Byoungju Choi, "A CC-based Security Engineering Process Evaluation Model," compsac, pp.130, 27th Annual International Computer Software and Applications Conference, 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.