Course - ICT-Security Evaluation - TM8104
ICT-Security Evaluation
Lessons are not given in the academic year 2010/2011
About
About the course
Course content
The course is taught every second year, next time autumn 2011. The course is about principles and methods for development of criteria for ICT security evaluation and how these are used to evaluate security. Example topics are: protection profiles (PPs),security targets (STs), security functionality, functionality classes, assurance correctness, assurance effectiveness, evaluation assurance levels (EALs), certification, accreditation, standardisation of evaluation criteria, national scheme for evaluation and certification.
Learning outcome
In this course, the students will learn what principles and methods are employed for evaluation of the security of an ICT product or system based on the requirements expressed in the international standard ISO/IEC IS 15408 Evaluation Criteria for IT Security, Parts 1/3.
Learning methods and activities
Lectures, colloquia, discretionary exercises. If postponed exam (continuation exam) is used, an oral exam may be used as opposed to the normal written exam.
Recommended previous knowledge
Master Degree in ICT with emphasis on information security.
Course materials
Internationally standardised criteria for ICT Security evaluation (ISO 15408, Part 1-3, ISO 27001), security evaluation methodology (CEM).
Credit reductions
| Course code | Reduction | From |
|---|---|---|
| DIE5939 | 7.5 sp |
Subject areas
- Communication and Information Science
- Sikkerhetsteknikk
- Telecommunication
- Telematics
Contact information
Department with academic responsibility
Department of Information Security and Communication Technology