資訊系統及流程 (Security Qualification)


* / 瀏覽其他服務
資訊系統及流程 (Security Qualification)

什麼是電腦網路系統安全評鑑 (Security Qualification)?

電腦網路系統安全評鑑 (Security Qualification) 乃由 TÜV NORD 將其多年資訊安全技術與產品評鑑經驗,針對網路系統的安全(例如銀行交易網路、企業防火牆、數位簽章系統等) ,所開發出來之評鑑方法與程序。
同時,這也是被國際(歐盟各國)認可,目前唯一針對網路系統整體安全提出完整方法論與實作驗證之有效安全評鑑技術。

電腦網路系統安全評鑑方法根據下列相關安全標準為理論基礎,進而發展出來的電腦網路系統安全評鑑程序。
  • ISO27001/ISO17799
  • ISO/IEC TR 13335 (Information Technology-Guidelines for the Management of IT,GMITS)
  • ITBPM (Information Technology Baseline Protection Manual
  • Common Criteria與ITSEC
成功案例及參考客戶

截至目前為止,全球已有數十家客戶已通過電腦網路系統安全評鑑 (SQ),並授予德國 TÜV NORD 國際級安全標章。客戶行業別涵括金融、郵政、資訊等,特別一提台灣的票券集保中心也通過此認證,讓票券交易過程安全無虞。(詳細資料可以參考德國 http://www.tuvit.de/ 網站) 

通過驗證之客戶與專案

Companies Projects

CompanyScope
Advance Bank, MunichSecurity Qualification of Internet Banking
Arab Bank, Amman, JordanSecurity Concept and Security Qualification of Internet Banking
Basler Kantonalbank, Basel, SwitzerlandIT Security Policy
BKS, Klagenfurt, AustriaSecurity Qualification of Internet Banking
BTV, Innsbruck, AustriaSecurity Qualification of Internet Banking
Commerzbank, FrankfurtSecurity Qualification of a Banking Application
Credit Suisse, Zurich, SwitzerlandFirewall Checks
Deutsche Bank, FrankfurtSecurity Qualification of the Internet Connection
Deutsche Post AG, DarmstadtNetwork Audit of a Trust Center on the basis of the German Digital Signature Act Security Qualification of electronic Courier
Deutsche Telekom AG, BonnSeveral evaluations acc. ITSEC of products (soft- and hardware) and systems, Network Audit of a Trust Center on the basis of the German Digital Signature Act Medical Data Communication
E–Plus Mobilfunk GmbH, DusseldorfSecurity Concepts for Mobile Communication Services Company Security Concept
German Parliament, Bonn/BerlinIT Security Concept of the German Parliament at the new Location in Berlin
Oberbank, Linz, AustriaFirewall Checks
Oberfinanzdirektion of Bavaria, MunichSecurity Qualification of the Electronic Tax Assessment
Reg-TP, MainzNetwork Audit of the German Root Trust Center on the basis of the German Digital Signature Act
Rentenanstalt SwissLife, Zurich, SwitzerlandSecurity Analyses
TC Trust Center, HamburgSecurity Qualification of a Trust Center on the basis of the German Digital Signature Act
UBS AG, Zurich, SwitzerlandStudy: Security in Fibre Channels
Vodafone, DusseldorfSecurity Consulting
VRR GmbH, GelsenkirchenSecurity Checks of TicketInside


others:

Security analyses of LAN’s and internet–connections of many companies
IT-Training in German and English
DIDC Co., Ltd., Taiwan 台灣票券集保中心

推行Security Qualification之預期效益
  • 建立明確並符合國際規範的網路安全防護體系。
  • 建立完整之電腦網路系統之書面作業程序。
  • 建立自我檢測與維護網路系統安全之能力。
  • 國際(歐盟各國)認可,目前唯一針對網路系統整體安全提出完整方法論與實作驗證。

業務聯絡人