A unified trust model for common criteria recognition arrangement for product acceptance

Common Criteria (CC) is introduced as an international body for product testing, verification and certification. It is used for unifying existing international standards that involved users, vendors, manufacturers (industries) and governments. The purpose of the CC evaluation is to establish a one-t...

Full description

Saved in:
Bibliographic Details
Main Author: Mat Isa, Mohd Anuar
Format: Thesis
Language:English
Published: 2018
Subjects:
Online Access:http://psasir.upm.edu.my/id/eprint/68790/1/FSKTM%202018%2018%20IR.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-upm-ir.68790
record_format uketd_dc
spelling my-upm-ir.687902019-05-31T03:25:37Z A unified trust model for common criteria recognition arrangement for product acceptance 2018-01 Mat Isa, Mohd Anuar Common Criteria (CC) is introduced as an international body for product testing, verification and certification. It is used for unifying existing international standards that involved users, vendors, manufacturers (industries) and governments. The purpose of the CC evaluation is to establish a one-time assessment without the need for a series of repetitive testing and verification processes for Common Criteria Recognition Arrangement (CCRA) participant nations. The trust problem arises between CC Authorizers and Consumers because the Consumers need to trust the Authorizer nation’s laboratory testing and verification of products. There are leading nations among the CCRA’s arrangement signatories (e.g. the USA) that want to reduce the mutual recognition level because the nations do not trust foreign nation’s laboratory testing and verification. To overcome the trust problem, J. Kallberg proposed a hypothesis; which is to abandon the global approach of CCRA participants and replace it with well-established groups (e.g. EU, NATO). Secondly, the thesis has improved the J. Kallberg suggestion by introducing intersection members (nations) among the well-established groups that can serve as bridges to spread trust boundaries. A nation that a member of more than one group has a wider coverage of transitive trust. Then, the nation will act as a bridging nation between different groups. Thirdly, in order to minimize the trust gap between CCRA participant nations, choosing a nation that has good international relations with many nations as a candidate for the authorizing nation. This will minimize the trust problem if one chooses a nation that is good international relations as the authorizing nation compared to a nation has historical controversy which may lead to doubtful perception. In this work, the thesis has modeled and verified the proposed solutions in minimizing the trust problem using a process of relation algebra and formal methods. Precedent methods such as Bayes probability, Dempster-Shaffer theory and subjective logic are referred to. The modeling steps as follows, selecting requirements and formal specifications; implement and verify the models using Event-B and Atelier theorem prover. The verified models were simulated using ProB simulator for finding trustable CC authorizing nations using case studies from the period 1999 until 2014. The performance measurement of the proposed models was evaluated based on trust relations of the CC authorizing nations with other CCRA nations; and the trust relations metrics were displayed as a list of CC authorizing nations ranking. From the simulation results, the ranking has shown that the USA, NLD, ESP, ITA, FRA and DEU dominated as the trustable authorizing nations. The thesis has suggested that the CCRA participant nations should choose the authorizing nation with the highest ranking because it is more trustable compared to lower ranking authorizing nations. As the conclusion, choosing the highest ranking authorizing nation can minimize the trust problem between the CCRA participant nations. Product safety Industrial safety Security systems 2018-01 Thesis http://psasir.upm.edu.my/id/eprint/68790/ http://psasir.upm.edu.my/id/eprint/68790/1/FSKTM%202018%2018%20IR.pdf text en public doctoral Universiti Putra Malaysia Product safety Industrial safety Security systems
institution Universiti Putra Malaysia
collection PSAS Institutional Repository
language English
topic Product safety
Industrial safety
Security systems
spellingShingle Product safety
Industrial safety
Security systems
Mat Isa, Mohd Anuar
A unified trust model for common criteria recognition arrangement for product acceptance
description Common Criteria (CC) is introduced as an international body for product testing, verification and certification. It is used for unifying existing international standards that involved users, vendors, manufacturers (industries) and governments. The purpose of the CC evaluation is to establish a one-time assessment without the need for a series of repetitive testing and verification processes for Common Criteria Recognition Arrangement (CCRA) participant nations. The trust problem arises between CC Authorizers and Consumers because the Consumers need to trust the Authorizer nation’s laboratory testing and verification of products. There are leading nations among the CCRA’s arrangement signatories (e.g. the USA) that want to reduce the mutual recognition level because the nations do not trust foreign nation’s laboratory testing and verification. To overcome the trust problem, J. Kallberg proposed a hypothesis; which is to abandon the global approach of CCRA participants and replace it with well-established groups (e.g. EU, NATO). Secondly, the thesis has improved the J. Kallberg suggestion by introducing intersection members (nations) among the well-established groups that can serve as bridges to spread trust boundaries. A nation that a member of more than one group has a wider coverage of transitive trust. Then, the nation will act as a bridging nation between different groups. Thirdly, in order to minimize the trust gap between CCRA participant nations, choosing a nation that has good international relations with many nations as a candidate for the authorizing nation. This will minimize the trust problem if one chooses a nation that is good international relations as the authorizing nation compared to a nation has historical controversy which may lead to doubtful perception. In this work, the thesis has modeled and verified the proposed solutions in minimizing the trust problem using a process of relation algebra and formal methods. Precedent methods such as Bayes probability, Dempster-Shaffer theory and subjective logic are referred to. The modeling steps as follows, selecting requirements and formal specifications; implement and verify the models using Event-B and Atelier theorem prover. The verified models were simulated using ProB simulator for finding trustable CC authorizing nations using case studies from the period 1999 until 2014. The performance measurement of the proposed models was evaluated based on trust relations of the CC authorizing nations with other CCRA nations; and the trust relations metrics were displayed as a list of CC authorizing nations ranking. From the simulation results, the ranking has shown that the USA, NLD, ESP, ITA, FRA and DEU dominated as the trustable authorizing nations. The thesis has suggested that the CCRA participant nations should choose the authorizing nation with the highest ranking because it is more trustable compared to lower ranking authorizing nations. As the conclusion, choosing the highest ranking authorizing nation can minimize the trust problem between the CCRA participant nations.
format Thesis
qualification_level Doctorate
author Mat Isa, Mohd Anuar
author_facet Mat Isa, Mohd Anuar
author_sort Mat Isa, Mohd Anuar
title A unified trust model for common criteria recognition arrangement for product acceptance
title_short A unified trust model for common criteria recognition arrangement for product acceptance
title_full A unified trust model for common criteria recognition arrangement for product acceptance
title_fullStr A unified trust model for common criteria recognition arrangement for product acceptance
title_full_unstemmed A unified trust model for common criteria recognition arrangement for product acceptance
title_sort unified trust model for common criteria recognition arrangement for product acceptance
granting_institution Universiti Putra Malaysia
publishDate 2018
url http://psasir.upm.edu.my/id/eprint/68790/1/FSKTM%202018%2018%20IR.pdf
_version_ 1747812633914900480