Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

In the present work, we propose and validate a Common Criteria Standard Protection Profile (sPP) for videoconferencing equipment. The research presents the definition and analysis of the homologation system used to validate the standard protection profile, focusing on its application focused in a la...

Full description

Bibliographic Details
Main Authors: Ariane C. B. Florentino, Sanderson Cesar Macado Barbalho, Raphael Carlos Santos Machado
Format: Article
Language:English
Published: IEEE 2021-01-01
Series:IEEE Access
Subjects:
Banking
common criteria
cyber defense
homologation
mechatronic product
security
Online Access:https://ieeexplore.ieee.org/document/9344589/
Description
Summary:In the present work, we propose and validate a Common Criteria Standard Protection Profile (sPP) for videoconferencing equipment. The research presents the definition and analysis of the homologation system used to validate the standard protection profile, focusing on its application focused in a large Brazilian financial company. We address the main points to consider in the acquisition and current use of this product: reasonable information security assumptions, technical standards, recommendations, and international best cybersecurity practices. As a result, we have developed a Standard Protection Profile identifying the information security risks involved and the minimum parameters required in those systems acquired and used for Government environments. This paper also presents all tests performed to validate the proposed sPP. As the application is critical, involving sensitive data, our results can also foster less risky conditions in the myriad situations caused by the COVID pandemic.
ISSN:2169-3536

Similar Items