KJCKorea
Journal Central

@article{ART001551829},
author={이지연 and 길민욱},
title={Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria},
journal={Journal of Knowledge Information Technology and Systems},
issn={1975-7700},
year={2011},
volume={6},
number={2},
pages={51-57}

TY - JOUR
AU - 이지연
AU - 길민욱
TI - Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria
JO - Journal of Knowledge Information Technology and Systems
PY - 2011
VL - 6
IS - 2
PB - Korea Knowledge Information Technology Society
SP - 51
EP - 57
SN - 1975-7700
AB - CC(Common Criteria) requires to collect vulnerability information and vulnerability analysis by using penetration testing for evaluating IT security products. However, CC has been criticized from developers or QA managers due to its complexity of terms, abstract description of evaluation methods and non-existence of guidelines. In this paper, we propose a guideline of vulnerability assessment for developers and evaluators by analyzing and summarizing of its requirements and processes defined in CC. To do this, we classify the evaluation process of AVA assurance family into 4 parts and describe each evaluation working systematically unit under every steps.
KW - Common Criteria;Vulnerability Assessment;AVA;CAPEC;CEM
DO -
UR -
ER -

이지연 and 길민욱. (2011). Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria. Journal of Knowledge Information Technology and Systems, 6(2), 51-57.

이지연 and 길민욱. 2011, "Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria", Journal of Knowledge Information Technology and Systems, vol.6, no.2 pp.51-57.

이지연, 길민욱 "Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria" Journal of Knowledge Information Technology and Systems 6.2 pp.51-57 (2011) : 51.

이지연, 길민욱. Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria. 2011; 6(2), 51-57.

이지연 and 길민욱. "Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria" Journal of Knowledge Information Technology and Systems 6, no.2 (2011) : 51-57.

이지연; 길민욱. Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria. Journal of Knowledge Information Technology and Systems, 6(2), 51-57.

이지연; 길민욱. Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria. Journal of Knowledge Information Technology and Systems. 2011; 6(2) 51-57.

이지연, 길민욱. Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria. 2011; 6(2), 51-57.

이지연 and 길민욱. "Requirements and Processes of Vulnerability Assessment for IT Security Products in Common Criteria" Journal of Knowledge Information Technology and Systems 6, no.2 (2011) : 51-57.