Evaluation has been the traditional means of providing assurance and is the basis for prior evaluation criteria documents such as ITSEC. The Common Criteria (CC) defines a Protection Profile (PP) that defines the security environments and specifies the security requirements and protections of the product to be evaluated. The security environments consist of assumptions, threats, and organizational security policies, so the editor of the PP must describe the threats for the PP. In this paper, we propose a method for the description of the threats for the PP by introducing the concept of the assets protected by Target of Evaluations (TOE). © Springer-Verlag Berlin Heidelberg 2003.
CITATION STYLE
Kim, T. H., No, B. G., & Lee, D. C. (2003). Threat description for the PP by using the concept of the assets protected by TOE. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Springer Verlag. https://doi.org/10.1007/3-540-44864-0_63
Mendeley helps you to discover research relevant for your work.