Browse > Article
http://dx.doi.org/10.15207/JKCS.2017.8.10.061

Design Plan of Secure IoT System based Common Criteria  

Kim, Ju-Hun (Management & Planning Division, TTA)
Jung, Hyun-Mi (Dept. of Supercomputer System Development, KISTI)
Cho, Han-Jin (Dept. of Energy IT Engineering, Far East University)
Publication Information
Journal of the Korea Convergence Society / v.8, no.10, 2017 , pp. 61-66 More about this Journal
Abstract
Recently, IoT technology is rapidly developing with the keyword "Anytime, Anywhere, Convenient". In addition, security problems in IoT systems are exploding and the damage is increasing as well. In this paper, we propose a method to develop IoT system safely by using internationally recognized CC evaluation in ICT by identifying the standardization and security technology development status defining IoT system security requirements. For this purpose, IoT system and service security aspects are analyzed. Based on this, it is possible to design the security functional requirements and to demonstrate the rationale of the security objective through the correspondence relation, and it is possible to design the protection profile for the IoT system. This is a sufficient basis for the development methodology to be presented in this paper because it is used as a means of referring to the set of security requirements of administrators, developers, and users.
Keywords
IoT; CC; Secure System; IoT Security functional Requirement; Protection Profile(PP);
Citations & Related Records
연도 인용수 순위
  • Reference
1 Computerworld, "Siemens: Stuxnet worm hit industrial systems", September 16, 2010.
2 Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model; Version 3.1, Revision 1, CCMB-2006-09-001,
3 Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components; Version 3.1, Revision 2, CCMB-2007-09-002,
4 Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components; Version 3.1, Revision 2, CCMB-2007-09-003,
5 J. H. Kim, A Middleware Development Method for Internet of Things(IoT) Security, Master thesis of Far East University, 2017.
6 Ashton, Kevin. "That 'Internet of Things' Thing."RFiD Journal, 22, pp 97-114, 2009.
7 https://ko.wikipedia.org/wiki/전재
8 Lee, Geo-Spatial Information System, Kumiseokwan Press, 2016.
9 L. Atzori, A. lera, G. Moraito, "The Internet of Things: A survey", Computer Networks, vol 54, no. 15, pp. 2787-2805, Oct. 2010.   DOI
10 KIET, Hyper Connected Society IoT Activation Plan 2014.
11 http://cafe.naver.com/rapid7/2041
12 http://www.lgcns.com/LGCNS.GHP.Main/Solution/IoTPlat form_En.
13 NIPA, IoT Case Study- Architecture, 2016.
14 Mellado, Daniel, Eduardo Fernandez-Medina, and Mario Piattini. "A common criteria based security requirements engineering process for the development of secure information systems." Computer standards & interfaces 29.2 (2007): 244-253.   DOI
15 Atzori, Luigi, Antonio Iera, and Giacomo Morabito. "Siot: Giving a social structure to the internet of things." IEEE communications letters 15.11 (2011): 1193-1195.   DOI
16 Babar, Sachin, et al. "Proposed security model and threat taxonomy for the Internet of Things (IoT)." Recent Trends in Network Security and Applications (2010): 420-429.
17 http://blog.naver.com/human1500/220785377334.