Association for Computing Machinery
Assurance accreditation of agile, interconnected IT landscapes is a great challenge, and is currently often cited as one of the showstoppers for the adoption of modern IT architectures (e.g. agile, model-driven, process-led SOA and Cloud) in mission critical domains. This paper presents Model Driven Security Accreditation (MDSA), a novel approach for automating large parts of the compliance and assurance accreditation management processes (e.g. Common Criteria) to achieve reduced cost/effort, and increased reliability/traceability. MDSA is related to Model Driven Security (MDS), an approach that automatically generates fine-grained technical security rules from intuitive, generalized security policy models.