Formalization of the requirements of security guarantees (in accordance with ISO / IEC 15408) based on CASE-approach
Description: The article describes an approach to the construction of infrastructure, use of software standards. Modern approaches to the formalization of the requirements of security guarantees (in accordance with ISO / IEC 15408) based on CASE-approach using formal notations. On the basis of the performed analysis, the most common notation to represent studies, a selection has been made notation of IT Trust to formalize the requirements of security guarantees. The work was developed a method of constructing the Assurance Case notation in the IT Trust on the basis of “vulnerability analysis”.
Keywords:
information technology security, common criteria, safety justification, the justification of warranties, notation Toulmin, ASCAD, notation IT Trust
Kosenko, Y.V., Usacheva, O.A. and Stadnychenko, M.H. (2016), “Formalyzatsyia trebovanyi harantyi bezopasnosty (v sootvetstvyy so standartom ISO / IEC 15408) na osnove CASE-podkhoda” [Formalization of the requirements of security guarantees (in accordance with ISO / IEC 15408) based on CASE-approach], Scientific Works of Kharkiv National Air Force University, Vol. 1(46), pp. 93-98.