CC Based Analysis Scheme for Evaluation Scope Models

In these days, many organizations try to manage their information system in safe way due to more rapidly change in information security system. The CC (Common Criteria) is scheme to secure evaluation for information security product/system. And the CC was approved by ISO/IEC 15408 in June, 1999 as international standard for information security system evaluation. The UK established C-TAS (CESG Tailored Assurance Service) that evaluate to IT product and software, and operational system. The Japan developed ISO/IEC 19791 for information security operating system security evaluation. Thus, we are preparing operating system evaluation. This paper is to propose evaluation scope computation model related with operating system evaluation to be enforced in the future.