A unified trust model for common criteria recognition arrangement for product acceptance
Common Criteria (CC) is introduced as an international body for product testing, verification and certification. It is used for unifying existing international standards that involved users, vendors, manufacturers (industries) and governments. The purpose of the CC evaluation is to establish a one-t...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2018
|
Subjects: | |
Online Access: | http://psasir.upm.edu.my/id/eprint/68790/1/FSKTM%202018%2018%20IR.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my-upm-ir.68790 |
---|---|
record_format |
uketd_dc |
spelling |
my-upm-ir.687902019-05-31T03:25:37Z A unified trust model for common criteria recognition arrangement for product acceptance 2018-01 Mat Isa, Mohd Anuar Common Criteria (CC) is introduced as an international body for product testing, verification and certification. It is used for unifying existing international standards that involved users, vendors, manufacturers (industries) and governments. The purpose of the CC evaluation is to establish a one-time assessment without the need for a series of repetitive testing and verification processes for Common Criteria Recognition Arrangement (CCRA) participant nations. The trust problem arises between CC Authorizers and Consumers because the Consumers need to trust the Authorizer nation’s laboratory testing and verification of products. There are leading nations among the CCRA’s arrangement signatories (e.g. the USA) that want to reduce the mutual recognition level because the nations do not trust foreign nation’s laboratory testing and verification. To overcome the trust problem, J. Kallberg proposed a hypothesis; which is to abandon the global approach of CCRA participants and replace it with well-established groups (e.g. EU, NATO). Secondly, the thesis has improved the J. Kallberg suggestion by introducing intersection members (nations) among the well-established groups that can serve as bridges to spread trust boundaries. A nation that a member of more than one group has a wider coverage of transitive trust. Then, the nation will act as a bridging nation between different groups. Thirdly, in order to minimize the trust gap between CCRA participant nations, choosing a nation that has good international relations with many nations as a candidate for the authorizing nation. This will minimize the trust problem if one chooses a nation that is good international relations as the authorizing nation compared to a nation has historical controversy which may lead to doubtful perception. In this work, the thesis has modeled and verified the proposed solutions in minimizing the trust problem using a process of relation algebra and formal methods. Precedent methods such as Bayes probability, Dempster-Shaffer theory and subjective logic are referred to. The modeling steps as follows, selecting requirements and formal specifications; implement and verify the models using Event-B and Atelier theorem prover. The verified models were simulated using ProB simulator for finding trustable CC authorizing nations using case studies from the period 1999 until 2014. The performance measurement of the proposed models was evaluated based on trust relations of the CC authorizing nations with other CCRA nations; and the trust relations metrics were displayed as a list of CC authorizing nations ranking. From the simulation results, the ranking has shown that the USA, NLD, ESP, ITA, FRA and DEU dominated as the trustable authorizing nations. The thesis has suggested that the CCRA participant nations should choose the authorizing nation with the highest ranking because it is more trustable compared to lower ranking authorizing nations. As the conclusion, choosing the highest ranking authorizing nation can minimize the trust problem between the CCRA participant nations. Product safety Industrial safety Security systems 2018-01 Thesis http://psasir.upm.edu.my/id/eprint/68790/ http://psasir.upm.edu.my/id/eprint/68790/1/FSKTM%202018%2018%20IR.pdf text en public doctoral Universiti Putra Malaysia Product safety Industrial safety Security systems |
institution |
Universiti Putra Malaysia |
collection |
PSAS Institutional Repository |
language |
English |
topic |
Product safety Industrial safety Security systems |
spellingShingle |
Product safety Industrial safety Security systems Mat Isa, Mohd Anuar A unified trust model for common criteria recognition arrangement for product acceptance |
description |
Common Criteria (CC) is introduced as an international body for product testing, verification and certification. It is used for unifying existing international standards that involved users, vendors, manufacturers (industries) and governments. The purpose of the CC evaluation is to establish a one-time assessment without the need for a series of repetitive testing and verification processes for Common Criteria Recognition Arrangement (CCRA) participant nations. The trust problem arises between CC Authorizers and Consumers because the Consumers need to trust the Authorizer nation’s laboratory testing and verification of products. There are leading nations among the CCRA’s arrangement signatories (e.g. the USA) that want to reduce the mutual recognition level because the nations do not trust foreign nation’s laboratory testing and verification.
To overcome the trust problem, J. Kallberg proposed a hypothesis; which is to abandon the global approach of CCRA participants and replace it with well-established groups (e.g. EU, NATO). Secondly, the thesis has improved the J. Kallberg suggestion by introducing intersection members (nations) among the well-established groups that can serve as bridges to spread trust boundaries. A nation that a member of more than one group has a wider coverage of transitive trust. Then, the nation will act as a bridging nation between different groups. Thirdly, in order to minimize the trust gap between CCRA participant nations, choosing a nation that has good international relations with many nations as a candidate for the authorizing nation. This will minimize the trust problem if one chooses a nation that is good international relations as the authorizing nation compared to a nation has historical controversy which may lead to doubtful perception.
In this work, the thesis has modeled and verified the proposed solutions in minimizing the trust problem using a process of relation algebra and formal methods. Precedent methods such as Bayes probability, Dempster-Shaffer theory and subjective logic are referred to. The modeling steps as follows, selecting requirements and formal specifications; implement and verify the models using Event-B and Atelier theorem prover. The verified models were simulated using ProB simulator for finding trustable CC authorizing nations using case studies from the period 1999 until 2014.
The performance measurement of the proposed models was evaluated based on trust relations of the CC authorizing nations with other CCRA nations; and the trust relations metrics were displayed as a list of CC authorizing nations ranking. From the simulation results, the ranking has shown that the USA, NLD, ESP, ITA, FRA and DEU dominated as the trustable authorizing nations. The thesis has suggested that the CCRA participant nations should choose the authorizing nation with the highest ranking because it is more trustable compared to lower ranking authorizing nations. As the conclusion, choosing the highest ranking authorizing nation can minimize the trust problem between the CCRA participant nations. |
format |
Thesis |
qualification_level |
Doctorate |
author |
Mat Isa, Mohd Anuar |
author_facet |
Mat Isa, Mohd Anuar |
author_sort |
Mat Isa, Mohd Anuar |
title |
A unified trust model for common criteria recognition arrangement for product acceptance |
title_short |
A unified trust model for common criteria recognition arrangement for product acceptance |
title_full |
A unified trust model for common criteria recognition arrangement for product acceptance |
title_fullStr |
A unified trust model for common criteria recognition arrangement for product acceptance |
title_full_unstemmed |
A unified trust model for common criteria recognition arrangement for product acceptance |
title_sort |
unified trust model for common criteria recognition arrangement for product acceptance |
granting_institution |
Universiti Putra Malaysia |
publishDate |
2018 |
url |
http://psasir.upm.edu.my/id/eprint/68790/1/FSKTM%202018%2018%20IR.pdf |
_version_ |
1747812633914900480 |