IT-Security Evaluation Criteria

More documents

Recommendations

Info

Organisation and Construction of Security Requirements: Classb Family k Component Packages Component …. Protection Profile Component Possible Input sources for PP Classa Familiy j Component Package: Reusable set of either functional or assurance components (e.g, EALs ) Security Target (ST): Set of security requirements used as a basis for evaluation of an identified TOE Family i Component Component …, Component Security Target Possible Component Optional extended input sources …… (non-CC) Security for ST Component Requirements Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 21 Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 22 Protection Profile (PP): Implementation-independent, reusable set of security-requirements for a category of TOEs that meet specific consumer needs Example PPs: - Commercial security profile - Profiles to replicated TCSEC C2 and B1 requirements - A role based access control (RBAC) profile - Smart card profiles - Firewall profiles CC registry system for approved PPs Functional Security Requirements (Part 2): Classes of Security Functional Requirements: • FAU (Security Audit) • FCO (Communication/Non-Repudiation) • FCS (Cryptographic Support) • FDP (User Data Protection) • FIA (Identification and Authentication) • FMT (Security Management) • FPR (Privacy) • FPT (Protection of the TOE Security Functions) • FRU (Resource Utilisation) • FTA (TOE Access) • FTP (Trusted path/channels). Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 23 Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 24
Example: Class-Family-Component Hierarchy: Class Family Components Identification and Authentication Authentication Failure Authentication Failures Handling FIA FIA_AFL FIA_AFL.1 …… User Authentication Timing of Authentication FIA_UAU FIA_UAU.1 ….. Re-Authenticating FIA_UAU.6 Protected Authentication Feedback FIA_UAU.7 Assurance Requirements (Part 3): Classes of assurance components (covering the correctness and effectiveness: • ACM (Configuration Management) • ADO (Delivery and Operation) • ADV (Development) • AGD (Guidance Documentation) • ALC (Life-Cycle Support) • ATE (Tests) • AVA (Vulnerability Assessment) User Identification Timing of Identification FIA_UID FIA_UID.1 …… ….. ……. …… Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 25 Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 26 Useful combinations of assurance components are combined into seven Evaluation Assurance Levels (EALs): EAL1 – functionally tested (new) EAL2 – structurally tested (like C1 – E1) EAL3 – methodically tested and checked (like C2 – E2) EAL4 – methodically designed, tested, and reviewed (like B1 – E3) EAL5 – semiformally designed and tested (like B2 – E4) EAL6 – semiformally verified design and tested (like B3 – E5) EAL7 – formally verified design and tested (like A1 – E6) Shortcomings • Costs of evaluation (10% - 40%) of developing costs • Time delay until an evaluation is completed • Cost of re-evaluating new versions of an evaluated product • Certificates only apply to a particular version and a particular configuration of a product • Criteria have been biased on protecting system owners and operators, no satisfactory protection of usees • CC are too voluminous and complex Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 27 Tillämpad datasäkerhet (DAVC17) – Security Evaluation Criteria Simone Fischer-Hübner 28
Page 1 and 2: IT-Security Evaluation Criteria Why
Page 3 and 4: Class B2: Structured Protection: Fe
Page 5: Effectiveness: - assesses suitabili

IT-Security Evaluation Criteria

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?