System IT Security Assessment

Cover facsimile FOI-R--1468--SE
December 2004
ISSN 1650-1942

Jonas Hallberg, Amund Hunstad, Anders Bond, Mikael Peterson och Nils Påhlsson

Abstract
IT security is an issue of vital importance for all IT-based systems. As IT is penetrating the society, IT security becomes increasingly important. Unfortunately, IT security is intrinsically difficult to handle and motivate. Security assessment is a central ability in the striving for adequate levels of IT security in systems. In this report, an effort to enable system-wide IT security assessment is described. The presented results include:

A study of current security evaluation methods
Terminology for the area of security assessment
A framework for system security assessment
A method for system security assessment
A framework for system component security assessment
A method for system component security assessment.

Print page

CONTACT

FOI
Swedish Defence Research Agency
SE-164 90 Stockholm

Phone +46 8 555 030 00
Fax +46 8 555 031 00

registrator@foi.se
Contact us

Root

Publications

System IT Security Assessment