Formal security policy model for a common criteria evaluation

Junkil Park, Jin Young Choi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The Common Criteria(CC) is an international standard for evaluating secure computer systems. The CC defines seven distinct Evaluation Assurance Levels (EALs). The three highest EALs, the so-called high-assurance levels, require some degree of formalism in development. The Security Policy Model (SPM) is one of the documents required in formalism in high-assurance levels. It is difficult to develop the formal SPM because the CC doesn't specify how to make the document and industries have rarely published it. This paper shows a guideline for the development formal SPM and provides an example of formal SPM using Z, and proves consistency and completeness of the SPM.

Original languageEnglish
Title of host publicationInternational Conference on Advanced Communication Technology, ICACT
Pages277-281
Number of pages5
Volume1
DOIs
Publication statusPublished - 2007 Jul 3
Event9th International Conference on Advanced Communication Technology, ICACT 2007 - Gangwon-Do, Korea, Republic of
Duration: 2007 Feb 122007 Feb 14

Other

Other9th International Conference on Advanced Communication Technology, ICACT 2007
CountryKorea, Republic of
CityGangwon-Do
Period07/2/1207/2/14

Fingerprint

Computer systems
Industry

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Cite this

Park, J., & Choi, J. Y. (2007). Formal security policy model for a common criteria evaluation. In International Conference on Advanced Communication Technology, ICACT (Vol. 1, pp. 277-281). [4195134] https://doi.org/10.1109/ICACT.2007.358355

Formal security policy model for a common criteria evaluation. / Park, Junkil; Choi, Jin Young.

International Conference on Advanced Communication Technology, ICACT. Vol. 1 2007. p. 277-281 4195134.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Park, J & Choi, JY 2007, Formal security policy model for a common criteria evaluation. in International Conference on Advanced Communication Technology, ICACT. vol. 1, 4195134, pp. 277-281, 9th International Conference on Advanced Communication Technology, ICACT 2007, Gangwon-Do, Korea, Republic of, 07/2/12. https://doi.org/10.1109/ICACT.2007.358355
Park J, Choi JY. Formal security policy model for a common criteria evaluation. In International Conference on Advanced Communication Technology, ICACT. Vol. 1. 2007. p. 277-281. 4195134 https://doi.org/10.1109/ICACT.2007.358355
Park, Junkil ; Choi, Jin Young. / Formal security policy model for a common criteria evaluation. International Conference on Advanced Communication Technology, ICACT. Vol. 1 2007. pp. 277-281
@inproceedings{e6abbef40ff1404f947db6791206a871,
title = "Formal security policy model for a common criteria evaluation",
abstract = "The Common Criteria(CC) is an international standard for evaluating secure computer systems. The CC defines seven distinct Evaluation Assurance Levels (EALs). The three highest EALs, the so-called high-assurance levels, require some degree of formalism in development. The Security Policy Model (SPM) is one of the documents required in formalism in high-assurance levels. It is difficult to develop the formal SPM because the CC doesn't specify how to make the document and industries have rarely published it. This paper shows a guideline for the development formal SPM and provides an example of formal SPM using Z, and proves consistency and completeness of the SPM.",
author = "Junkil Park and Choi, {Jin Young}",
year = "2007",
month = "7",
day = "3",
doi = "10.1109/ICACT.2007.358355",
language = "English",
isbn = "8955191316",
volume = "1",
pages = "277--281",
booktitle = "International Conference on Advanced Communication Technology, ICACT",

}

TY - GEN

T1 - Formal security policy model for a common criteria evaluation

AU - Park, Junkil

AU - Choi, Jin Young

PY - 2007/7/3

Y1 - 2007/7/3

N2 - The Common Criteria(CC) is an international standard for evaluating secure computer systems. The CC defines seven distinct Evaluation Assurance Levels (EALs). The three highest EALs, the so-called high-assurance levels, require some degree of formalism in development. The Security Policy Model (SPM) is one of the documents required in formalism in high-assurance levels. It is difficult to develop the formal SPM because the CC doesn't specify how to make the document and industries have rarely published it. This paper shows a guideline for the development formal SPM and provides an example of formal SPM using Z, and proves consistency and completeness of the SPM.

AB - The Common Criteria(CC) is an international standard for evaluating secure computer systems. The CC defines seven distinct Evaluation Assurance Levels (EALs). The three highest EALs, the so-called high-assurance levels, require some degree of formalism in development. The Security Policy Model (SPM) is one of the documents required in formalism in high-assurance levels. It is difficult to develop the formal SPM because the CC doesn't specify how to make the document and industries have rarely published it. This paper shows a guideline for the development formal SPM and provides an example of formal SPM using Z, and proves consistency and completeness of the SPM.

UR - http://www.scopus.com/inward/record.url?scp=34347263789&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34347263789&partnerID=8YFLogxK

U2 - 10.1109/ICACT.2007.358355

DO - 10.1109/ICACT.2007.358355

M3 - Conference contribution

SN - 8955191316

SN - 9788955191318

VL - 1

SP - 277

EP - 281

BT - International Conference on Advanced Communication Technology, ICACT

ER -