Basic Notions on Access Control.- Test based security certifications.- Formal methods for software verification.- OSS security certification.- Case Study 1: Linux certification.- Case Study 2: ICSA and CCHIT Certifications.- The role of virtual testing labs.- Long-term OSS security certifications: An Outlook.

Open Source Systems Security Certification provides an introduction to the notion of the Security Certification, including test-based and model-based approaches to the certification of software products. Several Security Certification standards are presented, including the international standard for the certification of IT products Common Criteria (ISO/IEC 15408) (CC 2006), a certification officially adopted by the governments of 18 nations. This book discusses Security Certification as a way to foster adoption and deployment of Open Source Software (OSS) in security-sensible markets, such as telecommunications, government and the military. Scientific and technical issues of OSS security certification are highlighted through case studies. This volume is designed for professionals and companies trying to implement an Open Source Systems (OSS) aware IT governance strategy, and SMEs looking for ways to use OSS in order to enter new security-conscious markets traditionally held by proprietary products. This book is also suitable for researchers and advanced-level students interested in OSS development, deployment and adoption issues.

One of the first books that covers security certification standards for open source systems exclusively The primary author, Professor Ernesto Damiani of the University of Milan, is highly respected world wide in this field