Browse > Article
http://dx.doi.org/10.13089/JKIISC.2002.12.3.61

The Proposal of Security Evaluation Criteria for PKI Systems in Korea  

심주걸 (성균관대학교 전기전자 및 컴퓨터공학부)
박택진 (영동전문대학 전자과)
이철원 (국가보안기술연구소 정보보증연구부)
원동호 (성균관대학교 전기전자 및 컴퓨터공학부)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.12, no.3, 2002 , pp. 61-76 More about this Journal
Abstract
To ensure PKI systems' reliability, the security for PKI systems evaluation is required. But, unfortunately, the systematic security evaluation and certification of PKI systems is insufficient. In Korea, Firewall and intrusion detection system's security evaluation and certification has been enforced, but research of PKI systems’ evaluation is insufficient. This paper provides a PKI system evaluation criteria. This paper specifies a 7 level of the functional and assurance security requirements for a PKI system. And this PKI system evaluation criteria provides a compatibility with CC(Common Criteria) and KISES(Korea Information Security Evaluation Systems).
Keywords
PKI systems; evaluation; certification;
Citations & Related Records
연도 인용수 순위
  • Reference
1 이경구. '국제공통평가기준 기반의 상호인정협정 대응', 정보보호뉴스 1월호. 통권40호, 한국정보보호센터
2 NIST, 'Certificate Issuing and Manage-ment Components Protection Profile', 2000. 9
3 NIST. 'FIPS PUB 140-1 Secuhty Re-quirements for Cryptographic Modules', 1994. 1
4 WebTrust Program for Certification Authohties, AICPA/CICA. 2000. 8
5 DOD. 'Interim External Certification Authority(IECA) X.509 Certificate Com- pliance Test Plan', 1999. 5. 10
6 DOD, 'Guidelines for External Certifi-cation Authority Interoperability with Department of Defense Public Key Infrastructure Version 0.7' 1999. 4. 29
7 이종후, 김충길. 류재철, '암호기술 표준 적합성 검증', 2001년도 한국통신정보보호학회 영남지부 학술발표회논문집, 2001. 2
8 Common Criteria Version 2.1. 1999. 8
9 NIST. CSPP - Guidelines for COTS Security Protection Profiles Version 1.0, 1999. 12
10 http://niap.nist.gov/cc-scheme/PP-Registry.html
11 http://www.cesg.gov/assurance/iacs/itsec/cpl