Patterns for Common Criteria Certification

Andreas Daniel Sinnhofer; Wolfgang Raschke; Christian Steger; Christian Josef Kreiner

doi:10.1145/2855321.2855355

Patterns for Common Criteria Certification

Andreas Daniel Sinnhofer, Wolfgang Raschke, Christian Steger, Christian Josef Kreiner

Institut für Technische Informatik (4480)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

One step in the development of certifiable secure systems is to provide trust in the development process and in the implemented security mechanisms of the product. In the domain of information technology, the Common Criteria schemes are used to evaluate the implemented security mechanisms of a product. Traditionally, a product certification is issued at a late stage of the development process, even though some Common Criteria evaluation paradigm exists to support the development process. The usage of such a paradigm would result in a beneficial certification process, since the evaluator gains experience through the maturing product. We have identified patterns which are designed to support the development process of secure applications. Based on these patterns, a systematic approach to integrate the evaluation process into the development process can be defined.

Originalsprache	englisch
Titel	ACM International Conference Proceeding Series
Herausgeber (Verlag)	Association of Computing Machinery
Seiten	1 - 15
ISBN (elektronisch)	978-145033847-9
DOIs	https://doi.org/10.1145/2855321.2855355
Publikationsstatus	Veröffentlicht - 4 Feb. 2016
Veranstaltung	Pattern Languages for Programs - Irsee, Deutschland Dauer: 8 Juli 2015 → 12 Juli 2015

Konferenz

Konferenz	Pattern Languages for Programs
Land/Gebiet	Deutschland
Ort	Irsee
Zeitraum	8/07/15 → 12/07/15

Fields of Expertise

Information, Communication & Computing

Zugriff auf Dokument

10.1145/2855321.2855355

1 Abgeschlossen
2 Laufend

Industrial Informatics
Macher, G., Dobaj, J., Krug, T., Blažević, R. & Veledar, O.
1/09/12 → …
Projekt: Arbeitsgebiet
Hardware/Software-Codesign
Steger, C., Seifert, C., Stelzer, P., Fiala, G. & Basic, F.
1/01/95 → …
Projekt: Arbeitsgebiet
ASIDS - Advanced Secure Identification Systems
Steger, C., Oppermann, F. J., Kreiner, C. J., Krampl, F., Maierl, P., Sinnhofer, A. D. & Hechl, A.
1/06/14 → 30/11/16
Projekt: Forschungsprojekt

Dieses zitieren

@inproceedings{33bed834baed4b67a76a0918472c32e0,

title = "Patterns for Common Criteria Certification",

abstract = "One step in the development of certifiable secure systems is to provide trust in the development process and in the implemented security mechanisms of the product. In the domain of information technology, the Common Criteria schemes are used to evaluate the implemented security mechanisms of a product. Traditionally, a product certification is issued at a late stage of the development process, even though some Common Criteria evaluation paradigm exists to support the development process. The usage of such a paradigm would result in a beneficial certification process, since the evaluator gains experience through the maturing product. We have identified patterns which are designed to support the development process of secure applications. Based on these patterns, a systematic approach to integrate the evaluation process into the development process can be defined.",

author = "Sinnhofer, {Andreas Daniel} and Wolfgang Raschke and Christian Steger and Kreiner, {Christian Josef}",

year = "2016",

month = feb,

day = "4",

doi = "10.1145/2855321.2855355",

language = "English",

pages = "1 -- 15",

booktitle = "ACM International Conference Proceeding Series",

publisher = "Association of Computing Machinery",

address = "United States",

note = "Pattern Languages for Programs ; Conference date: 08-07-2015 Through 12-07-2015",

}

TY - GEN

T1 - Patterns for Common Criteria Certification

AU - Sinnhofer, Andreas Daniel

AU - Raschke, Wolfgang

AU - Steger, Christian

AU - Kreiner, Christian Josef

PY - 2016/2/4

Y1 - 2016/2/4

N2 - One step in the development of certifiable secure systems is to provide trust in the development process and in the implemented security mechanisms of the product. In the domain of information technology, the Common Criteria schemes are used to evaluate the implemented security mechanisms of a product. Traditionally, a product certification is issued at a late stage of the development process, even though some Common Criteria evaluation paradigm exists to support the development process. The usage of such a paradigm would result in a beneficial certification process, since the evaluator gains experience through the maturing product. We have identified patterns which are designed to support the development process of secure applications. Based on these patterns, a systematic approach to integrate the evaluation process into the development process can be defined.

AB - One step in the development of certifiable secure systems is to provide trust in the development process and in the implemented security mechanisms of the product. In the domain of information technology, the Common Criteria schemes are used to evaluate the implemented security mechanisms of a product. Traditionally, a product certification is issued at a late stage of the development process, even though some Common Criteria evaluation paradigm exists to support the development process. The usage of such a paradigm would result in a beneficial certification process, since the evaluator gains experience through the maturing product. We have identified patterns which are designed to support the development process of secure applications. Based on these patterns, a systematic approach to integrate the evaluation process into the development process can be defined.

U2 - 10.1145/2855321.2855355

DO - 10.1145/2855321.2855355

M3 - Conference paper

SP - 1

EP - 15

BT - ACM International Conference Proceeding Series

PB - Association of Computing Machinery

T2 - Pattern Languages for Programs

Y2 - 8 July 2015 through 12 July 2015

ER -

Patterns for Common Criteria Certification

Abstract

Konferenz

Fields of Expertise

Zugriff auf Dokument

Fingerprint

Projekte

Industrial Informatics

Hardware/Software-Codesign

ASIDS - Advanced Secure Identification Systems

Dieses zitieren