21-23 October | Central Park Hotel Songdo, Korea

Impact of the Adoption of Cloud Services for Code Review on ALC_DVS and Attack Potential (A22c)

05 Nov 2024
2:30 pm

Impact of the Adoption of Cloud Services for Code Review on ALC_DVS and Attack Potential (A22c)

Tools for code review are commonly used to allow developers to identify bugs and bad programming habits. They are often provided as a service through a third-party cloud infrastructure, posing challenges to the protection of confidentiality and integrity. The impact on CC evaluations with assurance EAL3 or higher is assessed, with particular reference to ALC_DVS and AVA_VAN families.

Additional not speaking co-authors: Gaetano Cavarretta, Tiziano Inzerilli, Mirko Malacario, Massimiliano Orazi, Samuela Persia