4.2.5 Requirements Management by the Numbers Applying Common Criteria beyond the INFOSEC Arena
Author(s) - Kepchar Kenneth J, Yeager Julie
Publication year - 2002
Publication title - INCOSE International Symposium
Language(s) - English
Resource type - Journals
ISSN - 2334-5837
DOI - 10.1002/j.2334-5837.2002.tb02471.x
Subject(s) - terminology, computer science, process (computing), realm, domain (mathematical analysis), set (abstract data type), requirements engineering, function (biology), engineering management, information security management system, management science, risk analysis (engineering), software engineering, systems engineering, engineering, political science, business, software, security information and event management, cloud computing security, mathematics, law, cloud computing, mathematical analysis, philosophy, linguistics, evolutionary biology, biology, programming language, operating system
The security function has taken on a dramatically increased importance around the world with the events in New York and Washington in September 2001. As we search for ways to address the altered realities of today's society, the tendency is to create “different” or “unique” approaches to current problems. In the information security (or INFOSEC) realm, Common Criteria (CC) (ISO 15408) documents an international approach to formulating information security requirements. The CC structured methodology is discussed to show its potential application to other Systems Engineering applications. This provides a means to develop consistent and coherent requirement sets. The CC has also established a set of domain specific terms. This paper analyzes the CC terminology to show that CC utilizes the same guiding principles and program milestones as other Systems Engineering disciplines. In the process, we provide a mapping of the CC terminology to that commonly used in non‐security Systems Engineering domains.