Standards In The Evaluation Of IT Security Steve Randall & Scott Cadzow TC-MTS#39 20-21 October 2004 Sophia Antipolis 39TD025.

Slides:



Advertisements
Similar presentations
Security Requirements
Advertisements

Module 1 Evaluation Overview © Crown Copyright (2000)
University of Tulsa - Center for Information Security Common Criteria Dawn Schulte Leigh Anne Winters.
Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.2: Evaluation of Secure Information Systems.
ANSI/ASQ E Overview Gary L. Johnson U.S. EPA
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
Effective Design of Trusted Information Systems Luděk Novák,
The Common Criteria for Information Technology Security Evaluation
IT Security Evaluation By Sandeep Joshi
1 norshahnizakamalbashah CEM v3.1: Chapter 10 Security Target Evaluation.
The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.
1 Evaluating Systems CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 6, 2004.
Security Controls – What Works
1 Software Requirement Analysis Deployment Package for the Basic Profile Version 0.1, January 11th 2008.
RC14001 ® Update GPCA Responsible Care Committee September 23, 2013.
Chapter 3 Software process Structure Chapter 3 Software process Structure Moonzoo Kim KAIST 1.
Fraud Prevention and Risk Management
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
Instructions and forms
1 A Common-Criteria Based Approach for COTS Component Selection Wes J. Lloyd Colorado State University Young Researchers Workshop (YRW) 2004.
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.
1 Autumn 2008 TM8104 IT Security Evaluation Guide on the production of Protection Profiles Karin Sallhammar Q2S/NTNU 29/11/2003 Reference: ISO/IEC TR
Evaluating Systems Information Assurance Fall 2010.
Cryptography and Network Security
The Security Analysis Process University of Sunderland CSEM02 Harry R. Erwin, PhD.
SE-02 SOFTWARE ENGINEERING LECTURE 3 Today: Requirements Analysis Requirements tell us what the system should do - not how it should do it. Requirements.
Software Quality Assurance Lecture 4. Lecture Outline ISO ISO 9000 Series of Standards ISO 9001: 2000 Overview ISO 9001: 2008 ISO 9003: 2004 Overview.
World Class Standards WG8 presentation of current Subscription Management Activities TISPAN WG8 – 3GPP SA#5 Joint meeting Sophia Antipolis, May14th - 15.
Introduction to the ISO series ISO – principles and vocabulary (in development) ISO – ISMS requirements (BS7799 – Part 2) ISO –
“……What has TV guide got to with news?”. “In order to have a successful report you must assemble the facts and opinions from a variety of sources, review.
Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.
Background. History TCSEC Issues non-standard inflexible not scalable.
Conformance Mark Skall Lynne S. Rosenthal National Institute of Standards and Technology
OpenSG Conformity IPRM Overview July 20, ITCA goals under the IPRM at a high level and in outline form these include: Organize the Test and Certification.
1 Common Criteria Ravi Sandhu Edited by Duminda Wijesekera.
ISO 9001:2008 to ISO 9001:2015 Summary of Changes
The Value of Common Criteria Evaluations Stuart Katzke, Ph.D. Senior Research Scientist National Institute of Standards & Technology 100 Bureau Drive;
Web Services Standards. Introduction A web service is a type of component that is available on the web and can be incorporated in applications or used.
New ISO Standards Transition Workshop (Auditors)
Common Criteria V3 Overview Presented to P2600 October Brian Smithson.
CMSC : Common Criteria for Computer/IT Systems
1 15 quality goals for requirements  Justified  Correct  Complete  Consistent  Unambiguous  Feasible  Abstract  Traceable  Delimited  Interfaced.
TM8104 IT Security EvaluationAutumn CC – Common Criteria (for IT Security Evaluation) The CC permits comparability between the results of independent.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.
21-05-xxxx IEEE MEDIA INDEPENDENT HANDOVER DCN: xxxx Title: LB #1b Comment Summary Date Submitted: March, 2007 Presented at.
Proposed Privacy Taxonomy for IOT Scott Shorter, Electrosoft, These slides are based on work contributed to the IDESG Use Case AHG in January.
1 Using Common Criteria Protection Profiles. 2 o A statement of user need –What the user wants to accomplish –A primary audience: mission/business owner.
Copyright (C) 2007, Canon Inc. All rights reserved. P. 0 A Study on the Cryptographic Module Validation in the CC Evaluation from Vendors' point of view.
SAM-101 Standards and Evaluation. SAM-102 On security evaluations Users of secure systems need assurance that products they use are secure Users can:
The common structure and ISO 9001:2015 additions
Copyright (c) 2014 Pearson Education, Inc. Introduction to DBMS.
Chapter 19: Building Systems with Assurance Dr. Wayne Summers Department of Computer Science Columbus State University
SDLS Protocol Green Book initiation Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA.
Chapter 21: Evaluating Systems Dr. Wayne Summers Department of Computer Science Columbus State University
Requirement Elicitation Review – Class 8 Functional Requirements Nonfunctional Requirements Software Requirements document Requirements Validation and.
DOCUMENTATION ISO/IEC 17025:2005 Documentation.
Doc.: IEEE /0085r1 Submission June 2010 Tuncer Baykas, NICTSlide TG1 and System Design Document Notice: This document has been prepared.
The Common Criteria for Information Technology Security Evaluation
Ch.18 Evaluating Systems - Part 2 -
Security SIG in MTS 05th November 2013 DEG/MTS RISK-BASED SECURITY TESTING Fraunhofer FOKUS.
UNIT V QUALITY SYSTEMS.
SDLS Protocol Green Book initiation
HIGHLIGHTING THE KEY CHANGES
THE ORANGE BOOK Ravi Sandhu
Cryptography and Network Security
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
IEEE- P2600 PP Guidelines Suggested Format and Content
Presentation transcript:

Standards In The Evaluation Of IT Security Steve Randall & Scott Cadzow TC-MTS# October 2004 Sophia Antipolis 39TD025

12-Oct-04TC-MTS 39TD0252 Common Criteria  Products offering security features always carefully evaluated (particularly by government bodies)  Mid-90s, evaluation bodies got together to define a single set of evaluation requirements, the “Common Criteria (CC)” in ISO/IEC  Part 1: Introduction and general model  Part 2: Security functional requirements  Part 3: Security assurance requirements  Rapidly growing interest in security and evaluation within commercial world  Key aspects of CC:  Formal evaluation process  Using trained evaluators  International recognition of results

12-Oct-04TC-MTS 39TD0253 CC Terminology  Protection Profile (PP)  Abstract specification of required security functionality  Security Target (ST)  Concrete specification of a product providing required security functionality  Target Of Evaluation (TOE)  Actual product providing required security functionality

12-Oct-04TC-MTS 39TD0254 Standards and CC [1]  CC generally used to evaluate product  Communications products often incorporate implementations of standards  Standards are rarely evaluated under CC  The question for TISPAN:  Can standards be written in a way that simplifies the evaluation of products implementing them?

12-Oct-04TC-MTS 39TD0255 Standards and CC [2]  Protocol standards are spiritually close to PPs  Specify implementation independent requirements  Use formalized text to specify requirements (shall, may, should…)  Use specification languages for design, validation and testing (SDL, UML, MSC, ASN.1, TTCN)  Have traceability:  Title  Version numbering  Change control

12-Oct-04TC-MTS 39TD0256 What is TISPAN Doing ? - Long Term -  Providing guidance to standards developers on standards preparation  To allow evaluation  To achieve higher quality standards  Introducing CC vocabulary  Requirements stated in terms of ISO/IEC Part 2  Evaluation stated as a goal of standardisation

12-Oct-04TC-MTS 39TD0257 What is TISPAN Doing ? - Short Term –  A guide to CC as it applies to standards  Evaluation Assurance Levels (EALs)  Functional requirements classes  Evaluation classes  Proforma for PP  Guidance on preparing a standard for CC evaluation:  Format  Content  Development process  Proforma for ST  Format and overview of developers’ responsibilities in preparing a product for evaluation

12-Oct-04TC-MTS 39TD0258 Evaluation Assurance Levels (EAL)  EAL 1:Functionally tested  EAL 2:Structurally tested  EAL 3:Methodically tested and checked  EAL 4:Methodically designed, tested and reviewed  EAL 5:Semiformally designed and tested  EAL 6:Semiformally verified design and tested  EAL 7: Formally verified design and tested

12-Oct-04TC-MTS 39TD0259 CC Specification Structure  Functional requirements and evaluation requirements categorized as Classes, Families and Components. Class Family Component

12-Oct-04TC-MTS 39TD02510 Functional Requirements Classes  FAU:Security Audit  FCO:Communication  FCS:Cryptographic Support  FDP:User Data Protection  FIA:Identification and Authentication  FMT:Security Management  FPR:Privacy  FPT:Protection of TOE Security Functions  FRU:Resource Utilization  FTA:TOE Access  FTP:Trusted Paths and Channels

12-Oct-04TC-MTS 39TD02511 Example Families (FIA)  FIA_AFL:Authentication Failures  FIA_ATD:User Attributes Definition  FIA_SOS:Specification Of Secrets  FIA_USU:User Authentication  FIA_UID:User Identification  FIA_USB:User-Subject Binding

12-Oct-04TC-MTS 39TD02512 Assurance Classes  APE:Protection Profile Evaluation  ASE:Security Target Evaluation  ACM:Configuration Management  ADO:Delivery and Operation  ADV:Development  AGD:Guidance Documents  ALC:Life Cycle Support  ATE:Tests  AVA:Vulnerability Analysis

12-Oct-04TC-MTS 39TD02513 Example Families (ADV)  ADV_FSP:Functional Specification  ADV_HLD:High-Level Design  ADV_IMP:Implementation representation  ADV_INT:TOE Security Function Internals  ADV_LLD:Low-Level Design  ADV_RCR:Representation Correspondence  ADV_SPM:Security Policy Modelling

12-Oct-04TC-MTS 39TD02514 Protection Profile  Although content similar, PP is written in a different way to a standard. It is, therefore:  unlikely (and undesirable) that ETSI will change the style of its standards;  unreasonable to expect ISO and the security community to change the way a PP is written;  unrealistic to expect an evaluator to find all PP information in an ETSI standard (or multiple standards);  inefficient to write out information twice (once in a standard and again in the PP).  “PICS” approach adopted where information is summarized in a table which includes references to text rather than the text itself.

12-Oct-04TC-MTS 39TD02515 PP Header ETSI Protection Profile Introduction Doc No.VersionDate Full Title OverviewCopy the Scope clause here Description This should come directly from the first clause in the main body of the standard (clause 4?) which is likely to be a general introduction.

12-Oct-04TC-MTS 39TD02516 PP Security Environment aSecurity Environment (This section should summarize the Vulnerability Analysis) a.1Assumptions a.1.1Users are assumed to be suitably authorizedB.4.2 a.2Assets a.2.5Authentication keys7.5, B.8.1 a.3Threat agents a.3.2Unauthorized software applicationsB.9.1 a.4Threats a.4.8Unauthorized modification or destruction of an authentication keyB.9.5 a.5Security policies (OPTIONAL) a.5.3Common Criteria for Information Technology Security EvaluationISO/IEC 15408

12-Oct-04TC-MTS 39TD02517 PP Security Objectives bSecurity Objectives (Information likely to come from a different doc, e.g., Stage 1 or Stage 2) b.1Security objectives for the TOE b.1.1Users must be identified and authenticated on registrationEG §5.4 b.2Security objectives for the environment b.2.1 The database of user registration information must be up ‑ to ‑ date EG §5.6

12-Oct-04TC-MTS 39TD02518 PP Security Requirements cSecurity Requirements (Information should come directly from the security standard) c.1TOE security requirements c.1.1TOE security functional requirements c.1.1.7It shall be possible for a suitably authorized user to establish and modify the access rights of other users FDP_ACF c.1.3TOE security assurance requirements c.1.3.1A TOE implementing this PP shall be evaluated at CC EAL4 ISO/IEC ‑ 3 c.2Environment security requirements (OPTIONAL) c.2.4User authentication data shall be protected during transmission through the network FDP_ETC.27.3

12-Oct-04TC-MTS 39TD02519 PP Additional Information dAdditional Information (OPTIONAL) eRationale Reference to a document or annex explaining how the selected security objectives and requirements counter the threats identified in the Vulnerability Analysis. It is probably a good idea to include the rationale in the Vulnerability Analysis.

Standards In The Evaluation Of IT Security 39TD025

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.