Title: A Method of Evaluating Assurance Requirements
Authors: Alexandr Potij, Dmitrij Komin, Inna Rebriy
Year: 2012
Volume: 28
Pages: 108-120
Keywords: assurance level, assurance requirements, evaluation process, Information Security, ontological modelling

This paper presents ontological modelling results from the security assurance domain. It examines problems associated with the process of evaluating assurance. To this end, we propose a functional-linguistic approach to the evaluation of the security assurance level. The approach is grounded in the ontological modelling of the assurance requirements that are subject to evaluation, in the functional modelling of the evaluation process in IDEF0 and IDEF3 notations, and in the introduction of linguistic variables to represent qualitative properties. We consider performance requirements on the scope, depth and rigour of the evaluation process and the requirements for objectivity, repeatability, reproducibility, impartiality and comparability of evaluation results. Thus, we propose a method of evaluating assurance requirements that incorporates object-oriented assurance ontological modelling, process-oriented assurance ontological modelling, development of decision criteria, and workflow modelling.