Inlämning av Examensarbete / Submission of Thesis

Rana Aamir Raza Ashfaq; Mohammad Qasim Khan MCS-2009:08, pp. 49. COM/School of Computing, 2009.

The work

Författare / Author: Rana Aamir Raza Ashfaq, Mohammad Qasim Khan
aamir.razaa@gmail.com
Titel / Title: Analyzing Common Criteria Shortcomings to Improve its Efficacy
Översatt titel / Translated title: Analysera gemensamma Kriterier Brister att förbättra sin effektivitet
Abstrakt Abstract:

Information security has become a key concern for organizations conducting business in the current electronic era. Rapid technological development continuously creates novel security threats, making IT an uncertain infrastructure. So the security is an important factor for the vendors as well as for the consumers. To fulfill the security needs, IT companies have to adopt some standards to assure some levels that concern with the security in their product. Common Criteria (CC) is one of the standards that maintains and controls the security of IT products. Many other standards are also available to assure the security in products but like these standards CC has its own pros and cons. It does not impose predefined security rules that a product should exhibit but a language for security evaluation. CC has certain advantages due to its ability to address all the three dimensions: a) it provides opportunity for users to specify their security requirements, b) an implementation guide for the developers and c) provides comprehensive criteria to evaluate the security requirements. On the downside, it requires considerable amount of resources and is quite time consuming. Another is security requirements that it evaluates and must be defined before the project start which is in direct conflict with the rapidly changing security threat environment. In this research thesis we will analyze the core issues and find the major causes for the criticism. Many IT users in USA and UK have reservations with CC evaluation because of its limitations. We will analyze the CC shortcomings and document them that will be useful for researchers to have an idea of shortcomings associated with CC. This study will potentially be able to strengthen the CC usage with a more effective and responsive evaluation methodology for IT community.

Ämnesord / Subject: Datavetenskap - Computer Science\Networks and Communications
Datavetenskap - Computer Science\Electronic Security
Datavetenskap - Computer Science\Computersystems
Nyckelord / Keywords: CC, Common Criteria, Evaluation of Common Criteria, Analyzing Common Criteria, Common Criteria Shortcomings, Information Technology

Publication info

Dokument id / Document id:
Program:/ Programme Magisterprogram i Datavetenskap/MSC in Computer science
Registreringsdatum / Date of registration: 06/16/2009
Uppsatstyp / Type of thesis: Masterarbete/Master's Thesis (120 credits)

Context

Handledare / Supervisor: Olle Lindeberg
olle.lindeberg@bth.se
Examinator / Examiner: Guohua Bai
Organisation / Organisation: Blekinge Institute of Technology
Institution / School: COM/School of Computing

+46 455 38 50 00
Anmärkningar / Comments:

Rana Aamir Raza Ashfaq (0046-76-2473148)

Files & Access

Bifogad uppsats fil(er) / Files attached: thesis.pdf (580 kB, öppnas i nytt fönster)