A Quantitative Evaluation Framework for Component Security in Distributed Information Systems
Independent thesis Basic level (professional degree)Student thesisAlternative title
Ett kvantitativt utvärderingsramverk för komponenters säkerhet i distribuerade informationssystem (Swedish)
The Heimdal Framework presented in this thesis is a step towards an unambiguous framework that reveals the objective strength and weaknesses of the security of components. It provides a way to combine different aspects affecting the security of components - such as category requirements, implemented security functionality and the environment in which it operates - in a modular way, making each module replaceable in the event that a more accurate module is developed.
The environment is assessed and quantified through a methodology presented as a part of the Heimdal Framework. The result of the evaluation is quantitative data, which can be presented with varying degrees of detail, reflecting the needs of the evaluator.
The framework is flexible and divides the problem space into smaller, more accomplishable subtasks with the means to focus on specific problems, aspects or system scopes. The evaluation method is focusing on technological components and is based on, but not limited to, the Security Functional Requirements (SFR) of the Common Criteria.
Place, publisher, year, edition, pages
Institutionen för systemteknik , 2004.
Informationsteknik, Quantitative, Security Evaluation, Threat Assessment, Distributed Information Systems, Common Criteria, Evaluation Framework, Component Security
Computer and Information Science
IdentifiersURN: urn:nbn:se:liu:diva-2410OAI: oai:DiVA.org:liu-2410DiVA: diva2:19742