Journal of the Korea Institute of Information Security & Cryptology (정보보호학회논문지)

Korea Institute of Information Security and Cryptology (한국정보보호학회)
권호 표지
DOI QR코드

DOI QR Code

Security Evaluation Criteria for Firewalls in Kirea

  • Published : 1998.09.01
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, to use the evaluated firewall is recognized as a solution to achieve the security and reliability for government and organizarions in Korea. Results of firewall evaluation using ITSEC(Information Technology Security Evaluation Criteria) and CCPP(Common Criteria Protection Peofile)have been announced. Because there are problems to apply ITSECor CCPP for the firewall evaluation in korea environment, korea government and korea Information security Agency (KISA) decided to develop our own security dvaluation critrtia fir firewalls.As a result of the efforts, Korea firewall security evaluation criteria has been published on Feb. 1998. In this paper, we introduce Korea security evaluation criteria for firewalls. The ceiteria consists of functional and assurance requirements that are compatible with CC Evaluation Assurance Levels(EALs)

Keywords

References

  1. 2nd Symposium on Information Security The Evaluation and Certification System of Information Security System K. Y. Hong
  2. Department of Defense Trusted Computer System Evaluation Criteria, DOD 5200.28-STD National Computer Security Center
  3. Trusted Network Interpretation of The TCSEC, NCSC-TG-005 National Computer Security Center
  4. Trusted DataBase Management System Interpretation of The TCSEC, NCSC-TG-02 National Computer Security Center
  5. Computer Security Subsystem Interpretation of the TCSEC, NCSC-TG-009 National Computer Security Center
  6. Federal Criteria for Information Technology Security v.Ⅰ National Institute of Standard and Technology and National Security Agency
  7. Information Technology Security Evaluation Criteria(Version 1.2) France;Germany;The Netherlands;The United Kingom
  8. Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model(Version 2.0) Common Criteria Implementation Board
  9. Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Requirements(Version 2.0) Common Criteria Implementation Board
  10. Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Requirements(Version 2.0) Common Criteria Implementation Board
  11. Common Criteria for Information Technology Security Evaluation, Part 4: Predefined Protection Profiles(Version 1.0) Common Criteria Editorial Board