Supporting User Evaluation of IT Security Certification Schemes
نویسندگان
چکیده
IT Security Certification is an increasingly important qualification for information technology (IT) professionals seeking employment in IT security. Yet currently there is a lack of rigorously developed approaches to support the evaluation and selection by key stakeholders of the most appropriate IT security certification scheme from among hundreds of vendor-neutral and vendor-specific schemes. This paper develops a framework based on categories, characteristics and criteria to support user evaluation and selection of an (IT) Security Certification scheme that satisfies user priorities and requirements. The paper illustrates the use of the framework to support an experienced IT Professional’s evaluation. Theoretical and practical implications of the framework and trial evaluation are discussed.
منابع مشابه
Toward User Evaluation of IT Security Certification Schemes: A Preliminary Framework
This paper reports a preliminary framework that supports stakeholder evaluation, comparison and selection of IT Security Certification schemes. The framework may assist users in the selection of the most appropriate scheme to meet their particular needs.
متن کاملWhat Is Wild ?
“In the Wild” virus detection is part of the criteria of National Computer Security Association (NCSA) Anti-virus Product Certification, SECURE COMPUTING Checkmark Certification, the proposed UK IT Security Evaluation and Certification (ITSEC) anti-virus product certification and other product review and evaluation schemes. However, companies which use “certified” products, based on “In the Wil...
متن کاملProtection Profiles for Remailer Mixes -Do the New Evaluation Criteria Help?
Early IT security evaluation criteria like the TCSEC and the ITSEC suffered much criticism for their lack of coverage of privacy-related requirements. Recent evaluation criteria, like the CC and the ISO-ECITS now contain components assigned to privacy. This is a step towards enhanced privacy protection, especially for non-experts. We examined the suitability and use of these components and the ...
متن کاملIT Security Certification and Criteria. Progress, Problems and Perspectives
IT security certification and IT security evaluation criteria have changed their character compared with the first efforts ca. 20 years ago. They have also gained more interest within civilian and commercial application areas. Therefore this paper compares them with earlier criticism and with the new challenges in IT security. After an introduction into the concept of security certification the...
متن کاملIT Security Certifications: Stakeholder Evaluation and Selection
Information technology (IT) security certifications have proliferated in recent years. However they differ in regards to stakeholder considerations of credibility, accessibility and relevance. Key stakeholders with an interest in selecting an IT security certification (IT security professionals, employers, governments and higher education institutes) lack a systematic approach for differentiati...
متن کامل