Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Crown Copyright (2000) Module 1 Evaluation Overview.

Similar presentations

Presentation on theme: "© Crown Copyright (2000) Module 1 Evaluation Overview."— Presentation transcript:

1 © Crown Copyright (2000) Module 1 Evaluation Overview


3 Introduction Why is IT Security needed? What is IT security evaluation? What is Assurance? What are the Scheme Rules?

4 What Protection ? Salaries Database

5 Aspects of IT Security Confidentiality - protection against unauthorised disclosure of information Integrity - protection against unauthorised modification of information or loss of accuracy Availability - protection against unauthorised withholding of information or resources

6 Assets and Threats Assets –valuable organisational resources –disclosure or compromise or loss would be inconvenient or harmful Threats –a potentially harmful action affecting confidentiality, integrity or availability of assets

7 Countermeasures A measure put in place to counter, or help counter, an identified threat to an asset Countermeasures can be: –IT, i.e. implemented by hardware, firmware or software; or –non-IT, e.g. physical or procedural measures

8 Types of Countermeasure Preventative –place restrictions on who can do what Detective –provide means to detect events which indicate a potential compromise of assets Corrective –take action in response to undesirable events

9 Countermeasure Examples Preventative: –access control (physical or logical) –data encryption Detective –auditing of security relevant events –data integrity measures, e.g. checksums Corrective –user account lockout after login failures –suspension of inactive user sessions

10 Vulnerabilities and Risks Vulnerabilities –a security weakness that may allow realisation of a threat to compromise an asset Risk –likelihood of a threat exploiting a vulnerability to harm an asset and/or cause loss

11 Castle Example

12 Sources of Vulnerabilities Vulnerabilities can arise from: Inappropriate selection of countermeasures Errors in their design or implementation Conflict between countermeasures Loopholes allowing circumvention of countermeasures Misuse of countermeasures

13 Impact of Vulnerabilities Vulnerabilities can be: Exploitable –given sufficient time, resources and expertise an attacker could break through in practice Non-Exploitable –an attacker will be unable in practice to exploit it to compromise an asset

14 What is Evaluation ? An independent assessment of a Target of Evaluation (TOE) involving –analysis –testing Scope of work is defined in a Security Target Aimed at establishing a required level of assurance

15 What is Assurance? A measure of confidence that a TOE meets its security objectives –risk to assets reduced to acceptable level Assurance is governed by –depth of evaluator analysis –degree of developer and evaluator testing –formality / rigour of developer evidence Leads to concept of Assurance Levels

16 Scope of Evaluation Product - an IT package that can be purchased and deployed in a number of different operational environments System - a specific IT installation with a particular purpose and a known operational environment

17 Security Target This defines: –the assets, threats –assumptions –environment..... etc. Everything you need to know about the TOE –including the IT countermeasures or security functions

18 Evaluation Criteria European, 1991 –Information Technology Security Evaluation Criteria (ITSEC) World-wide (ISO standard), 1998 –Common Criteria (CC)

19 Evaluation Methodology How we do evaluations –defined in ITSEM and CEM Defines techniques for the various activities: –Refinement Analysis –TOE life-cycle assessment –Vulnerability Analysis –Testing of TOE

20 The UK Scheme Scheme rules cover –quality and management –security / confidentiality –training –appointment and accreditation

21 Evaluation Parties Developer - produces the TOE Sponsor - pays for the evaluation Evaluator - performs the evaluation Certifier - oversees the evaluation and issues certificates where appropriate Accreditor - relevant to systems only

22 Evaluation Process Developer / Sponsor CLEF Certification Body Accreditor / Sponsor TOE Definition Evaluation Technical Report Certification Report Deliverables Problem Reports

23 Evaluation Conduct Impartiality -what interest do you have in the outcome? Repeatability -could you get the same results? Reproducibility -would other CLEFs get the same results? Objectivity -minimise subjective judgement

24 Summary - 1 Need IT Security to protect assets from threats using adequate countermeasures Evaluation allows a Target Of Evaluation to be independently assessed Assurance gives a level of confidence that a TOE meets its security objectives

25 Summary - 2 Evaluation Criteria - ITSEC and CC Evaluation Methodology - ITSEM and CEM Scheme Rules and Interpretations –quality, management, security, training –application of criteria and methodology Evaluation Conduct –impartial, repeatable, reproducible and objective

26 Further Reading UKSP 01 UKSP 04 Part 1 ITSEC, Sections 0 and 1 Common Criteria Part 1, Section 4

Download ppt "© Crown Copyright (2000) Module 1 Evaluation Overview."

Similar presentations

Ads by Google