How a Variety of Information Assurance Methods Delivers Software Security in the United Kingdom.

Many in the software engineering world are already aware of the Common Criteria (CC) and the important role it plays providing confidence in the reliability of Information Technology (IT) product security claims through an independent evaluation and certification process. In the United Kingdom (UK), the CC philosophy has been adapted into a variety of pragmatic assurance techniques not just for single vendor solutions but for complete systems, sub-systems, network technologies, security architectures, and even managed service provision. How the general framework of CC can be adapted to provide assurance of security functions in software should be of interest to any person designing an assurance process for software security. [ABSTRACT FROM AUTHOR]