We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
NEW TRENDS IN IT&C SECURITY EVALUATION.
- Authors
Păun, Cristian Teodor; Simion, Emil
- Abstract
This paper focuses on the link between information security and cryptography represented by National Institute of Standards and Technology (NIST) cryptographic standards, Federal Information Processing Standard FIPS 140-2 (Security requirements for cryptographic modules) standard and Common Criteria for Information Technologies Security Evaluation (ISO 15408) standard. Information security is the science of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. Cryptography deals with design, implementation and evaluating cryptographic algorithms (e.g. NIST AES selection process, SHA-3 completion etc.) in order to be used by products (software and/or hardware) which are intended to protect information or information systems. Before using in information systems those cryptographic products need to be tested and evaluated also. One evaluation standard is FIPS 140-2. After this evaluation is obtained, from an accredited Laboratory, the system itself needs to be evaluated in order to have a image of the assurance level obtained. Usually these evaluation is made using ISO 15408 (Common Criteria for Information Technology Systems) standard.
- Subjects
INFORMATION resources management security; INFORMATION technology security; CRYPTOGRAPHY; DATABASE security; FIREWALLS (Computer security)
- Publication
LESIJ - Lex ET Scientia International Journal, 2010, Vol 17, Issue 2, p281
- ISSN
1583-039X
- Publication type
Article