TU Darmstadt / ULB / TUbiblio

Holistic and Law compatible IT Security Evaluation: Integration of Common Criteria, ISO 27001/IT-Grundschutz and KORA

Simić-Draws, Daniela ; Neumann, Stephan ; Kahlert, Anna ; Richter, Philipp ; Grimm, Rüdiger ; Volkamer, Melanie ; Roßnagel, Alexander (2013)
Holistic and Law compatible IT Security Evaluation: Integration of Common Criteria, ISO 27001/IT-Grundschutz and KORA.
In: International Journal of Information Security and Privacy (IJISP), 7 (3)
doi: 10.4018/jisp.2013070102
Artikel, Bibliographie

Kurzbeschreibung (Abstract)

<span style="color: rgb(51, 51, 51); font-family: Arial, Verdana, Helvetica, sans-serif; line-height: 17.1429px; ">Common Criteria and ISO 27001/IT-Grundschutz are well acknowledged evaluation standards for the security of IT systems and the organisation they are embedded in. These standards take a technical point of view. In legally sensitive areas, such as processing of personal information or online voting, compliance with the legal specifications is of high importance, however, for the users’ trust in an IT system and thus for the success of this system. This article shows how standards for the evaluation of IT security may be integrated with the KORA approach for law compatible technology design to the benefit of both – increasing confidence IT systems and their conformity with the law on one hand and a concrete possibility for legal requirements to be integrated into technology design from the start. The soundness of this interdisciplinary work will be presented in an exemplary application to online voting.</span>

Typ des Eintrags: Artikel
Erschienen: 2013
Autor(en): Simić-Draws, Daniela ; Neumann, Stephan ; Kahlert, Anna ; Richter, Philipp ; Grimm, Rüdiger ; Volkamer, Melanie ; Roßnagel, Alexander
Art des Eintrags: Bibliographie
Titel: Holistic and Law compatible IT Security Evaluation: Integration of Common Criteria, ISO 27001/IT-Grundschutz and KORA
Sprache: Englisch
Publikationsjahr: 2013
Titel der Zeitschrift, Zeitung oder Schriftenreihe: International Journal of Information Security and Privacy (IJISP)
Jahrgang/Volume einer Zeitschrift: 7
(Heft-)Nummer: 3
Reihe: 7
Veranstaltungsort: Hershey, PA, USA
DOI: 10.4018/jisp.2013070102
Zugehörige Links:
Kurzbeschreibung (Abstract):

<span style="color: rgb(51, 51, 51); font-family: Arial, Verdana, Helvetica, sans-serif; line-height: 17.1429px; ">Common Criteria and ISO 27001/IT-Grundschutz are well acknowledged evaluation standards for the security of IT systems and the organisation they are embedded in. These standards take a technical point of view. In legally sensitive areas, such as processing of personal information or online voting, compliance with the legal specifications is of high importance, however, for the users’ trust in an IT system and thus for the success of this system. This article shows how standards for the evaluation of IT security may be integrated with the KORA approach for law compatible technology design to the benefit of both – increasing confidence IT systems and their conformity with the law on one hand and a concrete possibility for legal requirements to be integrated into technology design from the start. The soundness of this interdisciplinary work will be presented in an exemplary application to online voting.</span>

Freie Schlagworte: Security, Usability and Society;Secure Data
ID-Nummer: TUD-CS-2013-0213
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > SECUSO - Security, Usability and Society
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
Profilbereiche
LOEWE
Hinterlegungsdatum: 28 Jul 2016 18:35
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen