CSDL Home A ARES 2008 2012 Seventh International Conference on Availability, Reliability and Security
Mar. 4, 2008 to Mar. 7, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.76
Security facilities of information systems with high security requirements should be consistently and continuously developed, used, and maintained based on some common standards of information security. However, there is no engineering environment that can support all tasks in security engineering consistently and continuously. To construct a security engineering environment, a database that can manage all data concerning all tasks in security engineering is indispensable.This paper presents an Information Security Engineering Database System, named "ISEDS," that we are developing based on ISO standards, and shows its some possible applications. ISEDS manages data of ISO standards of information security and various cases of system development and maintenance. We adopted the international standard ISO/IEC 15408 (Common Criteria) for information security evaluation as one of ISO standards to underlie ISEDS, and implemented major functions of ISEDS and its application tools to manage and use data of ISO/IEC 15408.Developers, users, and maintainers can create, correct, and verify specification documents of security facilities with the application tools.
Information security, Common Criteria, ISO/IEC 15408, An Information Security Engineering Database System, Supporting design of security facilities, Supporting maintenance of security facilities
Daisuke Horie, Shoichi Morimoto, Noor Azimah, Yuichi Goto, Jingde Cheng, "ISEDS: An Information Security Engineering Database System Based on ISO Standards", ARES, 2008, 2012 Seventh International Conference on Availability, Reliability and Security, 2012 Seventh International Conference on Availability, Reliability and Security 2008, pp. 1219-1225, doi:10.1109/ARES.2008.76