TY - BOOK AU - Damiani,Ernesto AU - Ardagna,Claudio Agostino AU - El Ioini,Nabil ED - SpringerLink (Online service) TI - Open Source Systems Security Certification SN - 9780387773247 PY - 2009/// CY - Boston, MA PB - Springer US KW - Computer science KW - Software engineering KW - Data protection KW - Data structures (Computer science) KW - Data encryption (Computer science) KW - Information systems KW - Computer Science KW - Systems and Data Security KW - Data Encryption KW - Information Systems Applications (incl.Internet) KW - Programming Languages, Compilers, Interpreters KW - Data Structures, Cryptology and Information Theory KW - Software Engineering/Programming and Operating Systems N1 - Basic Notions on Access Control -- Test based security certifications -- Formal methods for software verification -- OSS security certification -- Case Study 1: Linux certification -- Case Study 2: ICSA and CCHIT Certifications -- The role of virtual testing labs -- Long-term OSS security certifications: An Outlook N2 - Open Source Systems Security Certification provides an introduction to the notion of the Security Certification, including test-based and model-based approaches to the certification of software products. Several Security Certification standards are presented, including the international standard for the certification of IT products Common Criteria (ISO/IEC 15408) (CC 2006), a certification officially adopted by the governments of 18 nations. This book discusses Security Certification as a way to foster adoption and deployment of Open Source Software (OSS) in security-sensible markets, such as telecommunications, government and the military. Scientific and technical issues of OSS security certification are highlighted through case studies. This volume is designed for professionals and companies trying to implement an Open Source Systems (OSS) aware IT governance strategy, and SMEs looking for ways to use OSS in order to enter new security-conscious markets traditionally held by proprietary products. This book is also suitable for researchers and advanced-level students interested in OSS development, deployment and adoption issues UR - http://dx.doi.org/10.1007/978-0-387-77324-7 ER -