Official levels of Computer Security

Slides:



Advertisements
Similar presentations
THE ORANGE BOOK Ravi Sandhu ORANGE BOOK CLASSES A1Verified Design B3Security Domains B2Structured Protection B1Labeled Security Protection.
Advertisements

Trusted System Elements and Examples CS461/ECE422 Fall 2011.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.2: Evaluation of Secure Information Systems.
TCSEC: The Orange Book. TCSEC Trusted Computer System Evaluation Criteria.
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #18-1 Chapter 18: Evaluating Systems Goals Trusted Computer System Evaluation.
4/28/20151 Computer Security Security Evaluation.
CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.
CS526Topic 22: TCSEC and Common Criteria 1 Information Security CS 526 Topic 22: TCSEC and Common Criteria.
Chapter 6 Security Kernels.
IT Security Evaluation By Sandeep Joshi
Secure Operating Systems Lesson 10: SCOMP. Where are we?  Multics is busy being explored, which is kind of cool…  But Multics wasn’t the end of custom.
Trusted Hardware: Can it be Trustworthy? Design Automation Conference 5 June 2007 Karl Levitt National Science Foundation Cynthia E. Irvine Naval Postgraduate.
Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.
Secure Operating Systems Lesson 0x11h: Systems Assurance.
1 Evaluating Systems CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 6, 2004.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Chapter 2 Access Control Fundamentals. Chapter Overview Protection Systems Mandatory Protection Systems Reference Monitors Definition of a Secure Operating.
Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Information Systems Security Security Architecture Domain #5.
Lesson 1-What Is Information Security?. Overview History of security. Security as a process.
CSE331: Introduction to Networks and Security Lecture 33 Fall 2002.
Principles of Information System Security: Text and Cases
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 20 October 28, 2004.
Evaluating Systems Information Assurance Fall 2010.
Trusted System? What are the characteristics of a trusted system?
OS Security Access Control & Authentication. OS System vulnerabilities Operational fault Environmental fault Coding fault.
Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Security Architecture and Design Chapter 4 Part 3 Pages 357 to 377.
Chapter 7 Securing Commercial Operating Systems. Chapter Overview Retrofitting Security into a Commercial OS History of Retrofitting Commercial OS's Commercial.
Trusted OS Design and Evaluation CS432 - Security in Computing Copyright © 2005, 2010 by Scott Orr and the Trustees of Indiana University.
Domain 6 Security Architecture and Models Domain Objective The objective of this domain is to understand: security models in terms of confidentiality,
CSCE 548 Secure Software Development Security Operations.
Security fundamentals Topic 2 Establishing and maintaining baseline security.
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 19 October 26, 2004.
Mandatory Access Control
CS526: Information Security Chris Clifton November 4, 2003 Assurance.
SAM-101 Standards and Evaluation. SAM-102 On security evaluations Users of secure systems need assurance that products they use are secure Users can:
Trusted Operating Systems
Chapter 19: Building Systems with Assurance Dr. Wayne Summers Department of Computer Science Columbus State University
High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.
Chapter 8: Principles of Security Models, Design, and Capabilities
Chapter 21: Evaluating Systems Dr. Wayne Summers Department of Computer Science Columbus State University
Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK
CSCE 727 Awareness and Training Secure System Development and Monitoring.
Access Controls Mandatory Access Control by Sean Dalton December 5 th 2008.
Chap5: Designing Trusted Operating Systems.  What makes an operating system “secure”? Or “trustworthy”?  How are trusted systems designed, and which.
Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 5: Security Architecture and Models.
1 Trusted OS Design CS461/ECE Reading Material Section 5.4 of Security in Computing.
Security Architecture and Design Chapter 4 Part 4 Pages 377 to 416.
TCSEC: The Orange Book.
CS703 - Advanced Operating Systems
Access Control Model SAM-5.
Cybersecurity First Principles
CSE565: Computer Security Lectures 24, 25 OS Security
Chapter 19: Building Systems with Assurance
THE ORANGE BOOK Ravi Sandhu
Guest Lecture in Acc 661 (Spring 2007) Instructor: Christopher Brown)
Chapter 29: Program Security
Assurance of Trusted Operating Systems
Operating System Concepts
Presentation transcript:

Official levels of Computer Security United States Government Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC)- “Orange Book” Requirements: Specific security requirements Assurance requirements

TCSEC /Orange Book 4 divisions- A,B,C,D Specifies evaluation classes (D, C1, C2, B1, B2, B3, A1) Specifies functionality and assurance requirements for each class Each class defines 4 requirements Policy Accountability Assurance Documentation

TCSEC Classes D – Minimal Protection C1 – Discretionary Security Protection Identification and authentication and DAC users processing data at common sensitivity level, separates users from data Minimal Assurance, may be based on features, not evaluation C2 – Control led access protection Adds object reuse and auditing More testing requirements Windows NT 3.5 evaluated C2

TCSEC Classes B1 – Labelled Security Protection Adds MAC for some objects Controlled objects “labeled”, access control based on these Stronger testing requirements. Information model of security policy. Bell-La Padula model. Trusted Unix tended to be B1 B2 – Structured protection MAC for all objects, including devices. Design and implementation must enable thorough testing & review “well-defined largely independent modules” Trusted Path. Least privilege. Covert channel analysis, configuration management, more documentation, formal model of security policy

TCSEC Classes B3 – Security Domains A1 – Verified protection Requirements on code modularity, layering, simplicity. Argument (short of proof) that implementation meets design specifications Tamper-proof implementation More stringent testing and documentation. XTS-200/STOP A1 – Verified protection Same functional requirements as B3 Five criteria Formal model of protection and proofs of consistency/adequacy Formal specification for protection system Demonstration that specification corresponds to model of protection “proof” that implementation is consistent with specification Formal analysis of covert channel Existence proof : Honeywell’s SCOMP

Trusted Computing Base – Hardware and software for enforcing security rules process Reference monitor – Part of TCB Reference – All system calls go through reference monitor for security checking – Most OS not designed this way

Security Breaches Interception Interruption Modification Fabrication Security Hole - Software & hardware vulnerability Holes that allow DoS Holes that allow Local users unauthorized access Holes that allow Remote users unauthorized access

Other types: FTP Gopher Telnet Sendmail ARP Portmap

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.