Early evaluation of security functionality in software projects - some experience on using the common criteria in a quality management process

This paper documents the experiences of assurance evaluation during the early stage of a large software development project. This project researches, contracts and integrates privacy-respecting software into business environments. While assurance evaluation with ISO 15408 Common Criteria (CC) within the certification schemes is done after a system has been completed, our approach executes evaluation during the early phases of the software life cycle. The promise is to increase quality and to reduce testing and fault removal costs for later phases of the development process. First results from the still-ongoing project suggest that the Common Criteria can define a framework for assurance evaluation in ongoing development projects.
This paper documents the attempt to use the Common Criteria according to ISO 15408 to verify the security properties of a software system while it is still being built. This is in contrast to the usual post-development evaluation.

Metadata
Author: Tobias Scherner, Lothar Fritsch
URN: urn:nbn:de:hebis:30-44608
Document Type: Working Paper
Language: English
Date of Publication (online): 2007/06/04
Year of first Publication: 2007
Publishing Institution: Univ.-Bibliothek Frankfurt am Main
Release Date: 2007/06/04
Tag: Data protection; Multilateral security; Certification; Technical data protection; Assurance; Certification; Common Criteria; ISO 15408; Information Security; Privacy
SWD-Keyword: International data protection; Software Engineering; Trusted Computing; Certification
HeBIS PPN: 188421556
Institutes: Economics (Wirtschaftswissenschaften)
Dewey Decimal Classification: 004 Data processing; Computer science
Collections: University publications
Licence (German): Publication agreement for publications (Veröffentlichungsvertrag für Publikationen)
