Browse > Article
http://dx.doi.org/10.14400/JDC.2016.14.5.341

Convergence of Related Standard of CC and ISO for Security Evaluation of VPN  

Lee, Ha-Young (Dept. of Fusion Industry, Seoul Venture University)
Yang, Hyo-Sik (Samil PricewaterhouseCoopers IT Risk & Security)
Publication Information
Journal of Digital Convergence / v.14, no.5, 2016 , pp. 341-348 More about this Journal
Abstract
Because VPN(Virtual Private Network) uses internet network, the security technique should support it and evaluation technique based on standard should support it. Therefore the method should be organized that can evaluate the security of VPN based on the related standard. In this study, we intended to construct the security evaluation model through combining CC(Common Criteria) which is a evaluation standard and a part of security(Confidentiality, Integrity, Non-repudiation, Accountability, Authenticity) evaluation of ISO which is the standard of software quality evaluation. For this, we analyzed the quality requirements about intra-technology and security of VPN and constructed the evaluation model related to the quality characteristics of two international standard. Through this, we are able to construct a convergence model for security evaluation of VPN. Through accumulating the evaluation practices for VPN in the future, the suitability and validity of the evaluation model must be improved.
Keywords
Convergence; Quality Evaluation Model; Security; Virtual Private Network; evaluation module;
Citations & Related Records
Times Cited By KSCI : 7  (Citation Analysis)
연도 인용수 순위
1 Jong-Hoon Han, Jung-Woo Lee, Sung-Han Park, "A Dynamic Key Lifetime Change Algorithm for Performance Improvement of Virtual Private Networks", Journal of the Institute of Electronics Engineers of Korea, Vol. 42, No. 10, p. 31, 2005. 10.
2 Kang-Soo Lee, Young-Soo Kim et al.,, "Virtual Private Network Protection Profile V2.0", Korea Information Security Agency & Hannam University, 2008. 4.
3 Ha-Yong Lee, Jung-Gyu Kim, "Efficiency Evaluation Convergence Model of Virtual Private Network based on CC and ISO Standard", Journal of Digital Convergence, Vol.13, No.5, pp. 169-176, 2015. 5.   DOI
4 Myung-Seong Yim, "Development of Measures of Information Security Policy Effectiveness To Maximize the Convergence Security", Journal of the Korea Convergence Society, Vol. 5, No. 4, pp. 27-32, 2014.   DOI
5 Kyung-Muk Kim, Hae-Sool Yang, "VPN(Virtual Private Network) SW's examination example analysis", Journal of academia-industrial technology, Vol.11, No.8, 2010.
6 Ha-Yong Lee, Jung_Gyu Kim, "Quality Evaluation Model about Efficiency for Fingerprint Recognition System", Journal of digital Convergence, Vol. 12, No. 6, 2014.
7 Ha-Yong Lee, Jung-Gyu Kim, "Quality Evaluation Model for Security of DRM Software", The Journal of Policy & Management, Vol. 11, No. 5, 2013. 5.
8 Sang-Won Kang, In-Oh Jeon, Hae-Sool Yang, "Usability Quality Evaluation Plan of DRM Softwares", Proceedings of The Korea Academia-Industrial Cooperation Society, 2010. 11.
9 Sang-Won Kang, Hae-Sool Yang, "Quality Evaluation of Criterion Construction for Open Source Software", The Journal of digital policy & management, Vol. 11, No. 2, pp. 323-330, 2013.
10 ISO/IEC 25020, "Software product Quality Requirements and Evaluation(SQuaRE) -- Measurement reference model and guide", 2007.
11 ISO/IEC 25030, "Soiftware product Quality Requirements and Evaluation(SQuaRE) -- Quality requirements", 2007.
12 ISO/IEC 25040, "Systems and software engineering - Systems and software Quality Requirements and Evaluation(SQuaRE) -- Evaluation process", 2011.
13 ISO/IEC 25041, "Systems and software engineering -- Systems and software Quality Requirements and Evaluation(SQuaRE) -- Evaluation guide for developers, acquirers and independent evaluators", 2012.
14 yong-won kim, "A study on Convergent & Adaptive Quality Analysis using DQnA model", Journal of the Korea Convergence Society, Vol. 5, No. 4, pp. 21-25, 2014.   DOI
15 Bong-Hyun Kim, Dong-Uk Cho, "Trend and Prospect of Network Security Technology", The Journal of Korean Institute of Communications and Information Sciences(J-KICS)NIPA), Vol. 31, No. 4, 2014.