search query: @keyword common criteria / total: 6
results-list
reference: 1 / 6
« previous | next »
Author:Tulensalo, Maria
Title:Common Criteria IT Security Standard in Product Development Process
Common Criteria -turvallisuusstandardi tuotekehitysprosessissa
Publication type:Master's thesis
Publication year:2010
Pages:viii + 73 s. + liitt. 12      Language:   eng
Department/School:Elektroniikan, tietoliikenteen ja automaation tiedekunta
Main subject:Tietoverkkotekniikka   (S-38)
Supervisor:Kilkki, Kalevi
Instructor:Rautavaara, Marjut
Electronic version URL: http://urn.fi/URN:NBN:fi:aalto-201203131551
OEVS:
Electronic archive copy is available via Aalto Thesis Database.
Instructions
close

Reading digital theses in the closed network of the Aalto University Harald Herlin Learning Centre

In the closed network of Learning Centre you can read digital and digitized theses not available in the open network.

The Learning Centre contact details and opening hours: https://learningcentre.aalto.fi/en/harald-herlin-learning-centre/

You can read theses on the Learning Centre customer computers, which are available on all floors.

Logging on to the customer computers

  • Aalto University staff members log on to the customer computer using the Aalto username and password.
  • Other customers log on using a shared username and password.

Opening a thesis

  • On the desktop of the customer computers, you will find an icon titled:

    Aalto Thesis Database

  • Click on the icon to search for and open the thesis you are looking for from Aaltodoc database. You can find the thesis file by clicking the link on the OEV or OEVS field.

Reading the thesis

  • You can either print the thesis or read it on the customer computer screen.
  • You cannot save the thesis file on a flash drive or email it.
  • You cannot copy text or images from the file.
  • You cannot edit the file.

Printing the thesis

  • You can print the thesis for your personal study or research use.
  • Aalto University students and staff members may print black-and-white prints on the PrintingPoint devices when using the computer with personal Aalto username and password. Color printing is possible using the printer u90203-psc3, which is located near the customer service. Color printing is subject to a charge to Aalto University students and staff members.
  • Other customers can use the printer u90203-psc3. All printing is subject to a charge to non-University members.
Location:P1 Ark Aalto  1544   | Archive
Keywords:Common Criteria
security standard
security evaluation
information technology security
development process
turvallisuusstandardi
IT turvallisuus
turvallisuusarviointi
kehitysprosessi
Abstract (eng): Information Technology Security is needed in both IT products and IT systems.
One way to assure the secureness, is through the use of IT security standards.

In this thesis an international IT security standard called Common Criteria (CC) is ex-amined in order to understand how it can be applied to a product development process, and what kind of benefits it brings to the process.
This study begins by reviewing the basics of the IT security aspects, and by explaining the target of IT security standards.
After that the content of the Common Criteria is examined in more details.
The research was made based on a comprehensive literature research and a case using the Common Criteria evaluation assurance level 3.

The Common Criteria sets the basis for the whole life-cycle process of the product.
Although implementing the CC requirements adds extra workload to the process, there are visible advantages for security related matters that could be left unnoticed without a compulsory requirement.
The Common Criteria also receives wide international support and is considered as "the" de facto international standard for IT Security.
However, its inflexibility mainly in terms of time and expenses has brought up a demand for develop-ing it for a more dynamic IT standard.
Abstract (fin): Tietoturvallisuutta tarvitaan informaatioteknologian (IT) tuotteissa ja järjestelmissä.
Yksi tapa varmistaa tuotteiden turvallisuus on käyttää IT -turvallisuusstandardeja.

Tässä tutkielmassa tarkastellaan kansainvälistä IT -turvallisuusstandardia nimeltä Common Criteria (CC), jotta ymmärrettäisiin, kuinka sitä voidaan käyttää ja soveltaa tuote-kehitysprosessissa, sekä mitä hyötyjä standardi tuo prosessille.
Tutkielman alussa tutkitaan IT -turvallisuuden ja sen standardien perusnäkökulmia.
Tämän jälkeen syvennytään Common Criteria -standardiin.
Tutkielma pohjautuu kirjallisuuskatsaukseen sekä esimerkkiin, jossa käytetään Common Criterian arviointiolettamustasoa 3.

Common Criteria luo puitteet koko tuotteen elinkaarelle.
Vaikkakin CC vaatimukset lisäävät työmäärää prosessissa, selviä hyötyjä turvallisuusasioihin on kuitenkin havaittavissa.
Ilman "pakollista vaatimusta" nämä turvallisuusasiat voisivat jäädä huomioimatta.
Common Criterialla on myös laaja kansainvälinen tuki, ja sitä pidetäänkin tämän päivän merkittävimpänä yleisenä kansainvälisenä turvallisuusstandardina.
Kuitenkin CC-standardin joustamattomuus ajan ja kustannusten suhteen on aikaansaanut uusia vaatimuksia sen kehittämiseksi dynaamisempaan suuntaan.
ED:2010-10-15
INSSI record number: 41084
+ add basket
« previous | next »
INSSI