Using the Common Criteria for IT Security Evaluation by Debra S. Herrmann (2002, Uk-B Format Paperback)


About this product

Product Identifiers

Publisher: Auerbach Publishers, Incorporated
ISBN-10: 0849314046
ISBN-13: 9780849314049
eBay Product ID (ePID): 2294811

Product Key Features

Number of Pages: 304 Pages
Publication Name: Using the Common Criteria for IT Security Evaluation
Language: English
Publication Year: 2002
Subject: Software Development & Engineering / General, Security / General, Telecommunications, Information Technology
Type: Textbook
Subject Area: Computers, Technology & Engineering
Author: Debra S. Herrmann
Format: Uk-B Format Paperback

Dimensions

Item Height: 0.6 in
Item Weight: 18.9 Oz
Item Length: 9.9 in
Item Width: 7.1 in

Additional Product Features

Intended Audience: Scholarly & Professional
LCCN: 2002-033250
Dewey Edition: 21
Illustrated: Yes
Dewey Decimal: 005.8
Table of Contents:

Introduction
  Background; Purpose; Scope; Intended Audience; Organization
What Are the Common Criteria?
  History; Purpose and Intended Use; Major Components of the Methodology and How They Work; Relationship to Other Standards; CC User Community and Stakeholders; Future of the CC; Summary; Discussion Problems
Specifying Security Requirements: The Protection Profile
  Purpose; Structure; Introduction; TOE Description; TOE Security Environment; Security Objectives; Security Requirements; PP Application Notes; Rationale; Summary; Discussion Problems
Designing a Security Architecture: The Security Target
  Purpose; Structure; Introduction; TOE Description; Security Environment; Security Objectives; Security Requirements; TOE Summary Specification; PP Claims; Rationale; Summary; Discussion Problems
Verifying a Security Solution: Security Assurance Activities
  Purpose; ISO/IEC 15408-3; Common Evaluation Methodology (CEM); National Evaluation Schemes; Interpretation of Results; Relation to Security Certification and Accreditation (C&A) Activities; Summary; Discussion Problems
Postscript
  ASE - Security Target Evaluation; AVA - Vulnerability Analysis and Penetration Testing; Services Contracts; Schedules for New CC Standards (ISO/IEC and CCIMB)
Annex A: Glossary of Acronyms and Terms
Annex B: Additional Resources
  Standards, Regulations, and Policy (Historical and Current); Publications; Online Resources
Annex C: Common Criteria Recognition Agreement (CCRA) Participants
  Australia and New Zealand Defence Signals Directorate; Canada; Finland; France; Germany; Greece; Israel; Italy; The Netherlands; Norway; Spain; Sweden; United Kingdom; United States
Annex D: Accredited Common Criteria Evaluation Labs
  Australia and New Zealand; Canada; France; Germany; United Kingdom; United States
Annex E: Accredited Cryptographic Module Testing Laboratories
  Canada; United States
Annex F: Glossary of Classes and Families
Synopsis: Many organizations and government agencies require the use of Common Criteria certified products and systems and use the Common Criteria methodology in their acquisition process. In fact, in July 2002 the U.S. National Information Assurance Acquisition Policy (NSTISSP #11) mandated the use of CC evaluated IT security products in critical infrastructure systems. This standard provides a comprehensive methodology for specifying, implementing, and evaluating the security of IT products, systems, and networks. Because the Common Criteria (CC) for IT Security Evaluation is a relatively new international standard, little written material exists which explains this how-to knowledge, and it's not exactly easy to interpret. Designed to be used by acquiring organizations, system integrators, manufacturers, and Common Criteria testing/certification labs, Using the Common Criteria for IT Security Evaluation explains how and why to use the Common Criteria during the acquisition, implementation or evaluation of an IT product, system, network, or services contract. The text describes the Common Criteria methodology; the major processes, steps, activities, concepts, terminology, and how the CC methodology is used throughout the life of a system. It illustrates how each category of user should employ the methodology as well as their different roles and responsibilities. This text is an essential resource for all those involved in critical infrastructure systems, like those operated by the FAA, the Federal Reserve Bank, DoD, NATO, NASA, and the intelligence agencies. Organized to follow the Common Criteria lifecycle, Using the Common Criteria for IT Security Evaluation provides examples in each chapter to illustrate how the methodology can be applied in three different scenarios: a COTS product, a system or network, and a services contract.
The discussion problems at the end of each chapter ensure the text's effectiveness in an educational setting and ensure that those government officials required to comply with Presidential Decision Directive 63 (PDD-63) will be able to do so with confidence.
LC Classification Number: TK5102.85.H47 2002