Change search
ReferencesLink to record
Permanent link

Direct link
Analyzing Common Criteria Shortcomings to Improve its Efficacy
Blekinge Institute of Technology, School of Computing.
Blekinge Institute of Technology, School of Computing.
2009 (English)Independent thesis Advanced level (degree of Master (Two Years))Student thesisAlternative title
Analysera gemensamma Kriterier Brister att förbättra sin effektivitet (Swedish)
Abstract [en]

Information security has become a key concern for organizations conducting business in the current electronic era. Rapid technological development continuously creates novel security threats, making IT an uncertain infrastructure. So the security is an important factor for the vendors as well as for the consumers. To fulfill the security needs, IT companies have to adopt some standards to assure some levels that concern with the security in their product. Common Criteria (CC) is one of the standards that maintains and controls the security of IT products. Many other standards are also available to assure the security in products but like these standards CC has its own pros and cons. It does not impose predefined security rules that a product should exhibit but a language for security evaluation. CC has certain advantages due to its ability to address all the three dimensions: a) it provides opportunity for users to specify their security requirements, b) an implementation guide for the developers and c) provides comprehensive criteria to evaluate the security requirements. On the downside, it requires considerable amount of resources and is quite time consuming. Another is security requirements that it evaluates and must be defined before the project start which is in direct conflict with the rapidly changing security threat environment. In this research thesis we will analyze the core issues and find the major causes for the criticism. Many IT users in USA and UK have reservations with CC evaluation because of its limitations. We will analyze the CC shortcomings and document them that will be useful for researchers to have an idea of shortcomings associated with CC. This study will potentially be able to strengthen the CC usage with a more effective and responsive evaluation methodology for IT community.

Place, publisher, year, edition, pages
2009. , 49 p.
Keyword [en]
CC, Common Criteria, Evaluation of Common Criteria, Analyzing Common Criteria, Common Criteria Shortcomings, Information Technology
National Category
Computer Science
URN: urn:nbn:se:bth-4776Local ID: diva2:832124
Rana Aamir Raza Ashfaq (0046-76-2473148)Available from: 2015-04-22 Created: 2009-06-16 Last updated: 2015-06-30Bibliographically approved

Open Access in DiVA

fulltext(567 kB)80 downloads
File information
File name FULLTEXT01.pdfFile size 567 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Computing
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 80 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 52 hits
ReferencesLink to record
Permanent link

Direct link