| Global informatization has become a main trend of human social development, and the research and application of information technology change with each passing day. Meanwhile, the security of information systems has steadily gained attention, and research on and application of information security have become a long-term, lasting subject. Because Internet networks are open, have varied forms of connection, rely on complex security technology, and use communication protocols with security defects, the security problem of information systems has become particularly complicated. Whether in a WAN or a LAN, information systems face a great many potential threats, both natural and human. It is necessary to strengthen the security protection of the different resources. Information security protection technology has become an urgent problem in information technology that needs to be resolved. The security problem of an information system is global, in that it concerns the whole network, and complex, in that it concerns multiple fields such as various technologies and management. The key to the problem is making a unified security policy and an overall scheme, training an adequate technical backbone, and strengthening security management. In this way, the security assurance capability of the information system can be raised. Therefore we must build safeguards at multiple levels, in multiple directions and systematically, against the vulnerability of the system itself and the various threats, to ensure the safe running of the information system and the confidentiality, integrity and availability of information. There are many safeguards for assuring information system security, but it is not enough to patch together a few safeguards or to apply all of them.
Considering cost and efficiency, if an information system has allocated basic safeguards according to a sound security policy, its security performance can be ensured. Security evaluation of the information system offers a practical basis for judging its security performance. Risk evaluation of the information system offers a reliable basis for judging its security performance. Drawing on the project development that the author participated in, this dissertation studies safeguards and the security functional requirements of the "Common Criteria for Information Technology Security Evaluation" (CC), and, by analysing and summarising various safeguards, puts forward, in essence, the relationship between safeguards and the CC security functional requirements, to offer a basis for evaluating the validity of safeguards. This dissertation starts with the structure of the security system and discusses the relationship between security services and security mechanisms. Because security mechanisms are the foundation for realizing security services, reliable security services are possible only when there are effective security mechanisms. The dissertation then analyses the security functional requirement components of CC and studies the relation between security mechanisms and security functional requirements. It analyses the security functional requirements that correspond to each security mechanism, according to which safeguards are chosen. The security functional requirements are the functions and purposes that the security mechanisms of an information technology should achieve. The dissertation also summarizes the security technology mechanisms in general use today.
Only by selecting appropriate security mechanisms and security products according to the security demands of the information system, and allocating them to the proper locations and layers of the system, can the purpose of controlling information system risk be realized. This dissertation puts forward an elementary relationship between the security functional requirements of CC and safeguards. |