Project

Home / Project

About- Project

In order to assess how existing evaluation and certification schemes could be used and further developed for the certification of security products and services, CRISP follows a specifically tailored strategy. According to this strategy, the project will begin by investigating the state of the art in standards and certification of security products and services.

The overall structure of the CRISP project:

 

CRIP Project Structure

 

CRISP will define and classify the EU security products and services market, identify and analyse relevant stakeholders and find best practice models by investigating the state of the art in security certification in a variety of European countries such as Austria, Germany, France, Netherlands, Poland, Slovenia, Spain, UK and other international countries such as USA and Japan.

After analysing existing practices, CRISP aims to develop a multi-dimensional certification scheme that will address the gaps in the current certification scenario and the meets the recommendations of the European Commission particularly, the need to include human factors in the evaluation of security products and services. CRISP’s basis for a holistic evaluation of security products and services is a model that encompasses as many perspectives as possible in a well-structured and easily comprehensible manner. At the highest aggregation level, there are four dimensions: Security, Trust, Efficiency and Freedom Infringement (S-T-E-Fi). Within the CRISP concept, each security product type incorporates a specific S-T-E-Fi evaluation scheme that considers the interrelations between the four dimensions. Depending on the product type, each of the Security, Trust, Efficiency and Freedom infringement dimensions has different impact on the evaluation result. Depending on the S-T-E-Fi result, the security product or service is approved or rejected.

As various studies and research projects (such as Privacy Impact Assessment Framework and Security Impact Assessment Measures) demonstrate, the early involvement of stakeholders is crucial, particularly for the acceptance of security products and services that have the potential to have various negative societal effects. Market success relies strongly on acceptance by the public and policy makers. For this, we need to foster and promote stakeholder involvement at all levels of the standards and certification process. CRISP understands and takes this challenge head on by incorporating a high level stakeholder engagement strategy throughout the project.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.