4-6 November | Sheraton Grand Doha, Qatar

Impact of the Adoption of Cloud Services for Code Review on ALC_DVS and Attack Potential (A23a)

05 Nov 2024
3:30 pm

Impact of the Adoption of Cloud Services for Code Review on ALC_DVS and Attack Potential (A23a)

Tools for code review are commonly used to allow developers to identify bugs and bad programming habits. They are often provided as a service through a third-party cloud infrastructure, posing challenges to the protection of confidentiality and integrity. The impact on CC evaluations with assurance EAL3 or higher is assessed, with particular reference to ALC_DVS and AVA_VAN families.

Additional not speaking co-authors: Gaetano Cavarretta, Tiziano Inzerilli, Mirko Malacario, Massimiliano Orazi, Samuela Persia