liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Evaluation of the Security of Components in Distributed Information Systems
Linköping University, Department of Electrical Engineering.
2003 (English)Independent thesis Basic level (professional degree)Student thesisAlternative title
Värdering av komponenters säkerhet i distribuerade informations system (Swedish)
Abstract [en]

This thesis suggests a security evaluation framework for distributed information systems, responsible for generating a system modelling technique and an evaluation method. The framework is flexible and divides the problem space into smaller, more accomplishable subtasks with the means to focus on specific problems, aspects or system scopes. The information system is modelled by dividing it into increasingly smaller parts, evaluate the separate parts and then build up the system “bottom up” by combining the components. Evaluated components are stored as reusable instances in a component library. The evaluation method is focusing on technological components and is based on the Security Functional Requirements (SFR) of the Common Criteria. The method consists of the following steps: (1) define several security values with different aspects, to get variable evaluations (2) change and establish the set of SFR to fit the thesis, (3) interpret evaluated security functions, and possibly translate them to CIA or PDR, (4) map characteristics from system components to SFR and (5) combine evaluated components into an evaluated subsystem. An ontology is used to, in a versatile and dynamic way, structure the taxonomy and relations of the system components, the security functions, the security values and the risk handling. It is also a step towards defining a common terminology for IT security.

Place, publisher, year, edition, pages
Institutionen för systemteknik , 2003. , 79 p.
Series
LiTH-ISY-Ex, 3430
Keyword [en]
Informationsteknik, Security Evaluation, Modelling, Distributed Information Systems, Common Criteria, Ontology
Keyword [sv]
Informationsteknik
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:liu:diva-2091OAI: oai:DiVA.org:liu-2091DiVA: diva2:19420
Uppsok
teknik
Available from: 2004-01-26 Created: 2004-01-26 Last updated: 2018-01-13

Open Access in DiVA

fulltext(1717 kB)830 downloads
File information
File name FULLTEXT01.pdfFile size 1717 kBChecksum MD5
04da58760d2fd3eab8c9383b401e149707f2e8d744f83ccfe4d4e554f9872dd418bdb1a8
Type fulltextMimetype application/pdf

By organisation
Department of Electrical Engineering
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 830 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 615 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf