A study on e-Taiwan information system security classification and implementation

Information systems of Cyberspace offer attractive targets. They should be resistant to such as Active Attack, Passive Attack, Insider Attack, Close-in Attack, and Distribution Attack from the full range of threat-agents – from hackers to nation states – and they must limit damage and recover rapidly when attacks do occur.According to Common Criteria (CC), Information Security Management System (ISMS) and the international standards of Information System Security (ISO/IEC 15408, ISO/IEC 17799, and ISO/IEC TR 19791) as well as the other international standards and guidelines such as the framework of Defense-in-Depth promoted by the U.S., in this paper we propose a new framework of information system security classification for e-Taiwan to reach the vision “information and communication network resources can be fully used in an obstacle free and secure environment by year 2008.”