Research Article
Security Evaluation Framework for Military IoT Devices
Table 11
Example of converting the security controls to ISO/IEC 15408 and 27001.
| | NIST | Security Controls | ISO/IEC15408 or ISO/IEC 27001 Requirements |
| | AC-17 | Remote Access | A.6.2.1: Mobile device policy: | | A.6.2.2: Teleworking | | A.13.2.1: Information transfer policies and procedures |
| | AC-18 | Wireless Access | A.6.2.1: Mobile device policy: | | A.13.1.1 Network controls | | A.13.2.1: Information transfer policies and procedures |
| | IA-2 | Identification and Authentication | FIA_ATD.1: User Attribute Definition | | FIA_UAU.1: User Authentication (Timing of Authentication) | | FIA_UAU.2: User Authentication before any action) | | FIA_UID.1: Timing of identification | | FIA_UID.2: User Identification before any action |
| | IA-3 | Device Identification and Authentication | FIA_UAU.1: User Authentication (Timing of Authentication) | | FIA_UAU.2: User Authentication before any action) | | FIA_UID.1: Timing of identification | | FIA_UID.2: User Identification before any action |
|
|
