Ontological Mapping of Common Criteria’s Security Assurance Requirements
Andreas Ekelhart, Stefan Fenz, Gernot Goluch and Edgar Weippl
Secure Business Austria, 1040 Vienna
Abstract
The Common Criteria (CC) for Information Technology Security Evaluation provides comprehensive guidelines for the evaluation
and certification of IT security regarding data security and data privacy. Due to the very complex and time-consuming certification
process, many companies abstain from CC certification. We created the CC Ontology tool, which is based on an ontological
representation of the CC catalog, to support the evaluator in the certification process. Tasks such as planning an
evaluation process, reviewing relevant documents, and creating reports are supported by the CC Ontology tool. With
the development of this tool we reduce the time and costs needed to complete a certification.
Please use the following format when citing this chapter: Ekelhart, A., Fenz, S., Goluch, G., and Weippl, E., 2007, in IFIP International Federation for Information Processing, Volume
232, New Approaches for Security, Privacy and Trust in Complex Environments, eds. Venter, H., Eloff, M., Labuschagne, L.,
Eloff, J., von Solms, R., (Boston: Springer), pp. 85-95.