Research Article
CCARCH: Architecting Common Criteria Security Requirements
@INPROCEEDINGS{10.1109/IAS.2007.30, author={Jose Romero-Mariona and Hadar Ziv and Debra J. Richardson}, title={CCARCH: Architecting Common Criteria Security Requirements}, proceedings={3rd International ICST Symposium on Information Assurance and Security}, publisher={IEEE}, proceedings_a={IAS}, year={2007}, month={9}, keywords={Application software Computer architecture Computer security Connectors Guidelines Information security Phase measurement Programming Software architecture Spirals}, doi={10.1109/IAS.2007.30} }- Jose Romero-Mariona
Hadar Ziv
Debra J. Richardson
Year: 2007
CCARCH: Architecting Common Criteria Security Requirements
IAS
IEEE
DOI: 10.1109/IAS.2007.30
Abstract
As technology continues to evolve, so do different entities that threaten the security of this technology. We believe that in order to build dependable software security should be treated just as any other important aspect of a system; to do this we must emphasize it at the beginning of our development cycle and be able to carry these security requirements down the cycle. We focus on a technique known as the Common Criteria, which allows for the development of security requirements. We extend the capabilities of Common Criteria beyond the requirements phase, to allow us to take security requirements into further stages of the cycle. In this paper we describe CCARCH, a technique accompanied by a set of tools, that takes Common Criteria expressed security requirements to the architectural level. Our approach aids in making the usage of Common Criteria more beneficial and applicable.
