This is pretty good, and needs not much introduction The Common Criteria for Information Technology Security Evaluation: Download at: http://csrc.nist.gov/cc/ccv20/ccv2list.htm The CC is also an ISO standard 15408:1999. This is what we attempt to follow as much as possible when evaluating software. There are also accredited agencies certified to do CC evals. K. K. Mookhey Chief Technology Officer Network Intelligence India Pvt. Ltd. Email: ctoat_private Web: www.nii.co.in Tel: 91-22-22001530/22006019 ============================= The Unix Auditor's Practical Handbook http://www.nii.co.in/tuaph.html ============================= > So, how about directing our focus with a aim at reaching a > methodology/conclusion as to what can be done (by us + others) to say bring > up some ideas of some kind of a standard/practice which aims at following > certain guidelines to be taken at the design stage of any software > development process that could help us prevent the code getting > exploited.(If something like this already exists please do let me know..this > shall save a lot of time!).
This archive was generated by hypermail 2b30 : Thu Jan 02 2003 - 18:45:26 PST