Publication detail

 
Reference P-ISO/IEC/TR 15443-1 ed1.0 withdrawn corrigendum
Title Information technology - Security techniques - A framework for IT security assurance - Part 1: Overview and framework
Publication date 2008-01-14
Format, price (Swiss francs) and language
118.- 23 pages
118.- 243 Kb
 
Abstract ISO/IEC TR 15443 is a multi-part type 3 Technical Report to guide the IT security professional in the selection of an appropriate assurance method when specifying, selecting, or deploying a security service, product, or environmental factor such as an organization or personnel (known as a deliverable). The aim is to understand the assurance type and amount required to achieve confidence that the deliverable satisfies the stated IT security assurance requirements and consequently its security policy.

ISO/IEC TR 15443-1:2005 describes the fundamentals of security assurance and its relation to other security concepts. This is to clarify why security assurance is required and dispel common misconceptions such as that increased assurance is gained by increasing the strength of a security mechanism. The framework includes a categorization of assurance types and a generic lifecycle model to identify the appropriate assurance types required for the deliverable with respect to the deliverable's lifecycle. The model also demonstrates how security assurance must be managed throughout the deliverable's lifecycle requiring assurance decisions to be made by several assurance authorities for the lifecycle stage relevant to their organization (i.e. developer, standards, consumer). The framework has been developed to be general enough to accommodate different assurance types and map into any lifecycle approach so as not to dictate any particular design. Advanced security assurance concepts, such as combining security assurance methods, are addressed briefly as they are to be addressed in later parts of ISO/IEC TR 15443.

ISO/IEC TR 15443 targets IT security managers and other security professionals responsible for developing a security assurance program, engineering security into a deliverable, determining the security assurance of their deliverable, entering an assurance assessment audit (e.g. ISO 9000, SSE-CMM (ISO/IEC 21827), ISO/IEC 15408-3), or other assurance activities.
Technical Committee JTC 1/SC 27 - IT security techniques
ICS Codes
35.040 Character sets and information coding
*Including coding of audio, picture, multimedia and hypermedia information, IT security techniques, encryption, bar coding, electronic signatures, etc.
 
Replaced by
 
