Using the Common Criteria for IT Security Evaluation
Regular price
€142.99
14 days return policy
Shipping & Delivery
A01=Debra S. Herrmann
Access Control Rights
advanced IT security evaluation methods
Ape
assurance
Assurance Components
Author_Debra S. Herrmann
Ava
Category=UBL
Category=UMZ
Category=UR
Category=URD
Category=URY
Category=UY
Cc Artifact
Cc Certificate
Common Criteria Recognition Agreement
critical infrastructure protection
cryptographic
Direct Indirect Direct Indirect
EAL
eq_bestseller
eq_computing
eq_isMigrated=1
eq_isMigrated=2
eq_nobargain
eq_non-fiction
Generic Procurement Sequence
IEC JTC
information
information assurance
IT risk assessment
It Security Evaluation
module
national
National Evaluation Authorities
OSPs
partnership
PP
profile
protection
Remote Medium
SARs
security architecture design
security compliance standards
Security Impact Analysis
Security Integrity
SFRs
ST
ST Evaluation
system integrator guide
target
Toe Security
Toe Security Function
Trusted Computer System Evaluation Criteria
validation
Product details
- ISBN 9780849314049
- Dimensions: 178 x 254mm
- Publication Date: 27 Dec 2002
- Publisher: Taylor & Francis Ltd
- Publication City/Country: GB
- Product Form: Paperback
Secure
checkout
Fast Shipping
Easy returns
Many organizations and government agencies require the use of Common Criteria certified products and systems and use the Common Criteria methodology in their acquisition process. In fact, in July 2002 the U.S. National Information Assurance Acquisition Policy (NSTISSP #11) mandated the use of CC evaluated IT security products in critical infrastructure systems. This standard provides a comprehensive methodology for specifying, implementing, and evaluating the security of IT products, systems, and networks. Because the Common Criteria (CC) for IT Security Evaluation is a relatively new international standard, little written material exists which explains this how-to knowledge, and it's not exactly easy to interpret.
Designed to be used by acquiring organizations, system integrators, manufacturers, and Common Criteria testing/certification labs, Using the Common Criteria for IT Security Evaluation explains how and why to use the Common Criteria during the acquisition, implementation or evaluation of an IT product, system, network, or services contract. The text describes the Common Criteria methodology; the major processes, steps, activities, concepts, terminology, and how the CC methodology is used throughout the life of a system. It illustrates how each category of user should employ the methodology as well as their different roles and responsibilities.
This text is an essential resource for all those involved in critical infrastructure systems, like those operated by the FAA, the Federal Reserve Bank, DoD, NATO, NASA, and the intelligence agencies. Organized to follow the Common Criteria lifecycle, Using the Common Criteria for IT Security Evaluation provides examples in each chapter to illustrate how the methodology can be applied in three different scenarios: a COTS product, a system or network, and a services contract. The discussion problems at the end of each chapter ensure the text's effectiveness in an educational setting and ensure that those government officials required to comply with Presidential Decision Directive 63 (PDD-63) will be able to do so with confidence.
