LINCE como metodología para evaluación y certificación para productos de seguridad TIC

[EN] The work aims to carry out a guide and then apply it to certify that an ICT product is safe and without vulnerabilities, this guide may serve any person or company interested in knowing how the LINCE certification is carried out. This certification developed by the Centro Criptológico Nacional...

Full description

Bibliographic Details
Main Author: Khali Khali, Osama
Other Authors: Gordo Monzó, Mari Luz, Universitat Politècnica de València. Departamento de Organización de Empresas - Departament d'Organització d'Empreses, Universitat Politècnica de València. Escola Tècnica Superior d'Enginyeria Informàtica
Format: Thesis
Language:Spanish
Published: Universitat Politècnica de València 2021
Subjects:
scipo
hist
Lince
Lynx
Online Access:http://hdl.handle.net/10251/174397
Description
Summary:[EN] The work aims to carry out a guide and then apply it to certify that an ICT product is safe and without vulnerabilities, this guide may serve any person or company interested in knowing how the LINCE certification is carried out. This certification developed by the Centro Criptológico Nacional based on Common Criteria (internationally recognized certification) allows a product to be included in the Catalog of information and communication technology security products, and will indicate that it is an approved product for handle national classified information. It will try to make an explanation of the guide and then carry it out with a specific product to visualize how the procedure of this certification is carried out. The main purpose of this work is to explain the methodological process in which an TIC product is evaluated to certify that it is safe, mitigates threats and dispenses with vulnerabilities. This work can serve any person, company or entity interested in knowing how a LINCE evaluation is carried out and will understand the complex steps to follow. This evaluation developed by the National Cryptological Center (CCN) based on Common Criteria (the most important international certification in cybersecurity) allows a product to be included in the catalog of information and communication technologies security products (CPSTIC) of the CCN and will indicate that it is an approved product to manage sensitive information. In this procedure, an attempt will be made to explain above all the security statement as it specifies the security functionality of the product to be evaluated and describes the various relationships between the product and the environment where it will be used, finally, a study of the security statement will be carried out. of two cases. TFGM [ES] El principal propósito de este trabajo es explicar el proceso metodológico en la que se evalúa un producto TIC para certificar que es seguro, mitiga las amenazas y prescinde de vulnerabilidades. Este trabajo podrá servir a cualquier ...

Similar Items