
8 November Common Criteria Protection Profiles and the NSA Strategy for Their Use Within the U.S. Department of Defense Louis.


1 Common Criteria Protection Profiles and the NSA Strategy for Their Use Within the U.S. Department of Defense
Louis Giles, NSA
CACR Information Security Workshop
8 November 1999
lgiles@radium.ncsc.mil

2 Outline
Common Criteria Protection Profiles (PP’s)
–Structure
–Development Tools
–Examples
NSA Strategy to Use PP’s for the U.S. DoD
The U.S. Common Criteria Evaluation Program

3 Common Criteria Protection Profile (PP)
High-level expression of desired security properties (i.e. security environment, security objectives and security requirements)
A mechanism to provide Consumers the ability to specify their security requirements
Generic, so multiple implementations may meet the stated requirements
PP represents “I want”

4 Common Criteria Security Target (ST)
High-level expression of claimed security properties
A mechanism to provide Vendors the ability to make claims regarding their security products
Specific to an implementation
ST represents “I provide”

5 What’s In a PP
Security Environment Defined
–The TOE will be used in environments in which no higher than sensitive but unclassified information is processed, or the sensitivity level of information in both the internal and external networks is the same. Compliant firewalls provide access control policies, extensive auditing and a low level of assurance.
Secure Usage Assumptions
–Connectivity Assumptions: Single entry point
–Physical Assumptions: Control of physical access
–Personnel Assumptions: Trustworthy Administrator

6 What’s In a PP (cont.)
Organizational Security Policies
Threats to Security
–Threats Addressed by the TOE: An unauthorized person may gain logical access to TOE; Lack of audit trail; Undetected penetration attempts
–Threats to be Addressed by Operating Environment: Hostile system administrator; Sophisticated attacks on higher-level protocols
Security Objectives
Functional Security Requirements and Assurance

7 From The Old To the New
FIPS 140-1 and Orange Book C2, B1, B2, B3, A1 would all be Protection Profiles in Common Criteria terminology, as they state customer requirements
CC PP’s drafted for C2 (Controlled Access) and B1 (Labeled Security) Operating Systems, Firewalls and VPN’s
NSA drafting other PP’s as part of Information Assurance Technical Framework (IATF)
NIST project to draft PP for FIPS 140-2

8 The CC Toolbox
Information Assurance “TurboTax” design tool for:
–Architects
–System Engineers
–Requirements Activities
Focused on:
–Application of the CC
–Describing Security Features
–Specifying Security Requirements
–Drafting ST’s and PP’s
http://cctoolbox.sparta.com

9 Information Assurance Technical Framework
What? A security guidance document developed by NSA’s ISSO organization with support from security advocates in government and industry
Constraints?
–Unclassified
–Published on the Internet
Primary Coordination forum? Information Assurance Technical Framework Forum (IATFF)

10 Expected use of results
Help government users become wiser consumers when implementing security solutions
Assist industry in understanding the government’s needs and the nature of the desired solutions to these needs
Focus Government and Industry investment resources on the security technology gaps

11 How does the Framework help Government users?
By describing their needs to the industry providers
By “suggesting” the important characteristics of security solutions to different classes of problems
By providing an assessment of the security technology available on the open market

12 Security Methodology (diagram)
Elements shown: Mission Needs; National/Service/Agency Policies, Regulations, Standards; Adversaries, Motivations, and Attacks; Organizational Security Policy; Risk Assessment; Certification and Accreditation; Technical and Non-Technical Security Countermeasures; Life-Cycle Security Management

13 Flow from Policy to Specification (diagram)
National Policy: NSTISSIC, NSTISSAM
GIG Policy: GIG IA Policy & Implementation Guidance (People, Operations, Technology)
GIG Architecture: Services, Protocols, etc.
Information Assurance Technical Framework: Defend the Network & Infrastructure; Defend the Enclave Boundary; Defend the Computing Environment; Supporting Infrastructures (Detect & Respond, KMI/PKI); Executive Summaries, Protection Profiles
NIAP: Testing, Evaluation, Certification
DITSCAP: Certification and Accreditation process
Intel Comm.: DCID 6/3

14 How It’s Organized (diagram)
Central Change: Alignment with Defense-In-Depth
Defense In Depth Strategy: People, Operations, Information Assurance Technology, leading to Successful Mission Execution
IATF areas (Chapters 5 to 8): Defend the Network & Infrastructure; Defend the Enclave Boundary; Defend the Computing Environment; Supporting Infrastructures (Detect & Respond, KMI/PKI)
Predecessor: NSF Chapter 5 “Security Solutions Framework”

15 Today’s Framework Elements: The “Document”
Information Assurance Technical Framework (IATF) Main Body: Information Assurance Tutorial & General Guidance
Executive Summaries: Concise, Definitive Security Requirements For Specific Cases (Appendix F: Case Specific Guidance, aka “executive summaries”)
Protection Profiles: Formal Common Criteria Documents for Defining Testable Requirements (Appendix G: Protection Profiles)
Source: IATF Release 2.0, Figure 1-2, Composition of the IATF

16 Executive Summary for ______ (Case Specific Guidance, aka “Executive Summaries”)
User Situation & Need for Information Assurance Solution
Descriptive Name for the Need
Purpose or Objective: Describe what the user wants the system to do; describe the problem the system is intended to solve
Target Environment: What does the user want the system to do? What is the problem the system is intended to solve? Where does the system operate? How is it used? Diagram of system context
Potential Attacks: How could an adversary harm operations? What are the information system attacks for which protection is needed?
Security Policies: What are the security objectives that the system must meet? Info domains?
Recommended Approach: What is the conceptual architecture for the system? Where will security functions be allocated? Diagram of system
Security Functions: What are the security functional requirements for the system? What security services must the system perform for each information domain?
Assurance Requirements: What is the target Evaluation Assurance Level? What strength of mechanism is needed?
Interoperability Requirements: What other equipment, systems, or procedures must this system exchange information with?
Supporting Infrastructure Requirements: What support does the system require from Detect and Respond? What support does the system require from the Key Management Infrastructure?
Version Control/Reference Information: When last updated? By whom? Approved by whom?
Companion document: Protection Profile for ______

17 Three Kinds of Protection Profiles
DoD (COTS) Acquisition Protection Profiles
–Developed To Become Binding Procurement Guidance for DoD
–Must Be Achievable with Today’s Technology
–May Be Accompanied by Additional Specification Data
–Will Be Coordinated DoD-Wide by OSD
–Ultimately “Owned” by OASD(C3I)
Technology Goal Protection Profiles
–Developed To Influence Development of New Technology
–Focused on Future Needs or Implementations
–“Owned” by NSA
Specific Need Protection Profiles
–Developed In Response to a Customer’s Specific Need
–Subject to Customer Approval
–“Owned” by the Customer

18 IATF Status
Version 1.1 (NSF) - Dec 98
Version 2.0 (align w/D-I-D) published Sep 99
Comment at: www.iatf.net (nsff.org)
Appendices F & G

19 Information Assurance Technical Framework Forum (IATFF)
An NSA sponsored forum to foster dialog amongst U.S. Government agencies and U.S. Citizens representing U.S. Industry regarding solutions to network security problems
Session every 6 weeks
Maritime Institute, Linthicum, MD
Admission is free. Advance registration required

20 IATFF Information
Internet WEB site
–Announcements, agenda, minutes, briefing charts
–IATF Document (HTML, PDF, MS WORD & ZIP)
–On-Line Registration (Forum and Sessions)
–SSL and Password protected
–www.nsff.org --> now: www.iatf.net
–Registrar: John Niemczuk, Booz Allen & Hamilton Inc., niemczuk_john@bah.com, 410-684-6246

21 NIAP - A NIST/NSA Partnership
Focusing On:
–Common Criteria related activities
–Accreditation and support of private sector CC-based evaluation laboratories
–Development of Protection Profiles
–Establishing mutual recognition of CC-based evaluations
–Government-industry partnerships

22 Common Criteria Evaluation and Validation Scheme (CCEVS)
Major National Information Assurance Partnership (NIAP) program initiative
Targeted to begin in Fall 1999
Testing based upon Common Criteria (CC) and Common Evaluation Methodology
Tests performed by accredited commercial labs
Results posted on NIAP Validated Products List (www.niap.nist.gov)
