PKE PP Mike Henry Santosh Chokhani Jean Petty Entrust CygnaCom.


1 PKE PP Mike Henry Santosh Chokhani Jean Petty Entrust CygnaCom

2 Briefing Contents
- Common Criteria Background
- Goals of PKE PP
- Assumptions
- Approach in Constructing the PP
- Summary of Packages
- Planned Enhancements

3 Common Criteria: Sponsors
- Common to Various Nations: Only charter members shown

4 Common Criteria: Key Concepts
- Protection Profile (PP)
  - Specification of Security Requirements at “what” level
  - Implementation and product neutral
- Security Target (ST)
  - Specification of Security Features at “what” and “how” level
  - Implementation and product specific
- Target of Evaluation (TOE)
  - Products Evaluated against ST

5 Common Criteria Standard: Specification
- Part 1: Introduction
  - PP and ST Contents and Formats
- Part 2: Security Functional Requirements
  - Select from these for PP and/or ST
  - Can extend the requirements
- Part 3: Security Assurance Requirements
  - Select from these for PP and/or ST
  - Can extend the requirements

6 Common Criteria Standards: Other Documents
- Common Evaluation Methodology (CEM)
  - PP Evaluation Standard
  - ST Evaluation Standard
  - TOE Evaluation Standard
- Guide to Writing PP and ST

7 Common Criteria: Part 2 & Part 3 Hierarchy
[Diagram: Part 2 or 3 > Class > Family > Component > Element]

8 Common Criteria: Part 2 (functional) Classes
- Audit
- Comm
- Crypto
- User Data Protection
- I&A
- Security Management
- Privacy
- TSF Protection
- Resource Utilization
- TOE Access
- Trusted Path

9 Common Criteria: Part 3 (assurance) Classes
- Configuration Management
- Vulnerability Assessments
- Delivery & Operation
- Guidance Documents
- Life-Cycle Support
- Tests
- Development
Note: CC also packages assurance requirements in 7 hierarchical packages called Evaluation Assurance Levels (EAL)

10 Common Criteria: PP Contents
- Introduction
- TOE Description
- Security Environment
  - Assumptions
  - Threats
  - Organizational Security Policies
- Security Objectives (Security Environment drives these)
  - Security objectives for TOE
  - Security objectives for environment
- Security Requirements (Security Objectives drives these)
  - Functional
  - Assurance
- Rationale

11 Common Criteria: Functional Package Contents
- Security objectives
- Functional Security Requirements (Security objectives drives these)
- Rationale

12 Common Criteria: Evaluation Model
- PP Evaluation (Internal)
- ST Evaluation (Internal; Against PP Optional)
- TOE Evaluation (against ST)

13 Project Goals
- Develop a tool for security evaluation of broad range (all possible!!!) PKE applications in Marine Corps
  - PKI based cryptographic services vary from application to application
  - PKE toolkits have varying degree of functionality for certification path validation logic
- Accommodate a variety of algorithms
  - DoD Class 3
  - Fortezza Class 4
  - KMI
  - Future enhancements

14 Assumptions
- Need to accommodate COTS products with varying degree of path validation capability
- PKI based security mechanisms will vary from application to application
- Provide ability to evaluate OCSP and CRL
- Extend the CC for certification path validation and other items
  - Access control components are not appropriate for certification path validation
  - Existing CC components not appropriate for CRL and OCSP response processing

15 Challenge: Balancing Act
[Diagram labels: Product Realities; Current Implementations; Variety of Solutions; Planned Enhancements; Security; Optional Features]

16 Challenge: Requirements and Capability
Increasing Security, Functionality, etc.
Examples:
- No trust anchor processing ... Full trust anchor processing
- No policy processing ... Full policy processing

17 Solutions
- Use functional packages as needed
  - Example: Policy processing
- Use “assignment” operation for SFR to provide additional granularity (Example: trust anchor processing)

18 Approach
- Use functional packages to permit ST author to select appropriate:
  - PKI based cryptographic mechanisms
  - Certification path validation capability
  - Revocation checking
- Certification path validation rules
  - Non-procedural
  - Attempt to preserve X.509 input, processing, output
  - Policy calculation all in “output”

19 Approach: Environmental Assumptions
- Cryptographic Module
  - Protects private keys
  - May protect trust anchors
  - Performs cryptography
- Secure Computing and OS
  - Protects keys and data
  - Provides audit capability
  - Protects audit logs
[Diagram label: Optional]

20 Approach
- Use mandatory functional package for PKI Credentials
  - Required to accommodate cases where cryptographic module does not manage trust anchors
  - Can be met by application, or environment
    - OS, or
    - Cryptographic module

21 Approach
[Diagram labels: PKI Cryptographic Functional Packages; Path Validation Engine; Public Key Based Cryptographic Services; Encryption; Authentication; Integrity; Association; Need for]

22 Approach: Handling Lack of Current Revocation Information
- Ability to specify acceptance of certification path in case of no revocation information or old revocation information
  - Past experience shows that flexibility may be needed to provide:
    - Configurability
    - User interaction
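
One way an application could implement the acceptance decision on this slide, as an added example that is not part of the original presentation or the PP. The type names, the `ask_user` callback and the 24-hour staleness limit are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Callable, Optional, Tuple

class Action(Enum):
    ACCEPT = "accept"
    REJECT = "reject"
    ASK_USER = "ask_user"

@dataclass(frozen=True)
class RevocationInfo:
    """Summary of an already validated CRL or OCSP response (hypothetical type)."""
    next_update: datetime   # time by which fresher data should exist
    revoked: bool           # True if the certificate is listed as revoked

@dataclass(frozen=True)
class Policy:
    """Configurable behaviour; field names and defaults are assumptions."""
    on_missing: Action = Action.REJECT
    on_stale: Action = Action.ASK_USER
    max_staleness: timedelta = timedelta(hours=24)

def accept_path(info: Optional[RevocationInfo], policy: Policy, now: datetime,
                ask_user: Optional[Callable[[str], bool]] = None) -> Tuple[bool, str]:
    """Return (accepted, reason) for a path whose other checks already passed."""
    if info is None:
        action, reason = policy.on_missing, "no revocation information"
    elif info.revoked:
        return False, "certificate revoked"          # never overridable
    elif now <= info.next_update:
        return True, "revocation information current"
    elif now - info.next_update > policy.max_staleness:
        return False, "revocation information too old"
    else:
        action, reason = policy.on_stale, "revocation information stale"
    if action is Action.ACCEPT:
        return True, reason + " (accepted by configuration)"
    if action is Action.ASK_USER and ask_user is not None:
        ok = bool(ask_user(reason))
        return ok, reason + (" (accepted by user)" if ok else " (declined by user)")
    return False, reason + " (rejected)"             # fail closed, also with no prompt

if __name__ == "__main__":
    now = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)   # constructed sample values
    stale = RevocationInfo(next_update=now - timedelta(hours=6), revoked=False)
    print(accept_path(stale, Policy(), now, ask_user=lambda why: True))
    print(accept_path(None, Policy(), now))
```

The returned reason string is what a PKE-specific audit record would capture for each override.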

23 Functional Packages: Certificate and CRL Path Validation
- Select one from four hierarchical (selection based on product capability)
  - Basic
  - Full
  - Full Policy
  - Basic Policy
- CRL Processing
- OCSP Response Processing

24 Functional Packages: Cryptography Related
- Sign
- Verify
- Key Transfer Encryption
- Key Transfer Decryption
- Key Agreement Encryption
- Key Agreement Decryption
- PKI Based Entity Authentication
- PKI Credential Management

25 Enhancements (made or being made)
- PKI Based Entity Authentication Functional Package
- Clean up some language and CC dependencies
- Add trust anchor processing as optional
  - Neither X.509 nor PKIX require it
  - Match issuer and subject DN
  - Verify signature using subject public key and parameters (if applicable)
  - Verify validity period
- EKU application note may go away when MS makes changes

26 Enhancements (made or being made)
- Optional audit functional package
  - Optional because many applications may not support auditing, e.g., client
  - Will cover only PKE specific event
  - Will also cover audit review and protection
  - Some or all of the requirements may be satisfied by the environment

27 Enhancements (future)
- Delta CRL
- Partitioned CRL (??)
- Support for SCVP and/or OCSP v2 (??)

28 Questions

