Title: CC-Case as an Integrated Method of Security Analysis and Assurance over Life-cycle Process

Issue Number: Vol. 3, No. 1
Year of Publication: Apr - 2014
Page Numbers: 49-62
Authors: Tomoko Kaneko , Shuichiro Yamamoto and Hidehiko Tanaka
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P001274


Secure system design faces many risks such as information leakage and denial of service. We propose a method named CC-Case to describe se-curity assurance cases based on the security struc-tures and thereat analysis. CC-Case uses Common Criteria (ISO/IEC15408). While the scope of CC-Case mainly focuses to the requirement stage, CC-Case can handle the life-cycle process of sys-tem design that contains the requirement, design, implementation, test and the maintenance stages. It can make countermeasure easily against the situation which an unexpected new threat produced by invisible attackers incessantly.