Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT Security Evaluation By Sandeep Joshi

Published byRosaline Hamilton Modified over 9 years ago

Similar presentations

Presentation on theme: "IT Security Evaluation By Sandeep Joshi"— Presentation transcript:

1 IT Security Evaluation By Sandeep Joshi
Common Criteria Common Criteria IT Security Evaluation By Sandeep Joshi Sandeep Joshi Southern Methodist University

2 Southern Methodist University
List of Terms… Term Meaning CC Common Criteria (Official ISO name is Evaluation Criteria for Information Technology Security) Class Grouping of families that share a common focus Component Smallest selectable set of elements Evaluation Assurance Level (EAL) A package consisting of assurance components that represents a point on CC predefined assurance scale Family A grouping of components that share security objective but may differ in emphasis Sandeep Joshi Southern Methodist University

3 Southern Methodist University
List of Terms… Term Meaning Organizational Security Policy One or more security rules, procedures, practices or guidelines imposed by organization upon its operations Package A reusable set of either functional or assurance components, combined together to satisfy set of security policies Protection Profile (PP) An implementation independent set of security requirements Security Target A set of security requirements and specification to be used as a basis for evaluation of identified TOE Semi-Formal Expressed in a restricted syntax language with defined semantics Sandeep Joshi Southern Methodist University

4 Southern Methodist University
List of Terms Term Meaning Target Of Evaluation An IT product or system and its associated administrator and user guidance documentation, that is the subject of evaluation TOE Resource Anything consumable or usable in TOE TOE Security Function (TSF) A set consisting of all hardware, software and firmware of the TOE that must be relied upon for the correct enforcement of TSP TOE Security Policy (TSP) A set of rules that regulate how assets are managed, protected and distributed within a TOE Trusted Channel A means by which a use and a TSF can communicate with necessary confidence to support TSP Sandeep Joshi Southern Methodist University

5 Southern Methodist University
Common Criteria History… Originated out of three standards ITSEC (Information Technology Security Evaluation Criteria) European Standard, developed in early 1990s, by UK, France, the Netherlands, and Germany TCSEC (Trusted Computer System Evaluation Criteria) Widely known as “Orange Book” Sandeep Joshi Southern Methodist University

6 Southern Methodist University
History… TCSEC (Trusted Computer System Evaluation Criteria) Issued by United States Government National Computer Security Council, as DoD standard STD, December 1985 CTCPEC (Canadian Trusted Computer Product Evaluation Criteria) Sandeep Joshi Southern Methodist University

7 Southern Methodist University
History… First Draft (Version 1.0) was published in January 1996 for comments Version 2.0 was published in 1998, and was accepted by ISO as an Final Committee Draft (FCD) document Version 2.0 became ISO standard sometime in June 1999 with minor, mostly editorial modifications. Sandeep Joshi Southern Methodist University

8 Southern Methodist University
History Two versions of CCs were released since then… Version 2.1 was released in August 1999, and now accepted as ISO standard Version 2.2, the newest version, released this year (2004). Sandeep Joshi Southern Methodist University

9 Southern Methodist University
Why should we use the CC? What support does CC have? What guarantees do CC-certified/validated products provide? Where should we start, if we want to achieve CC-certificate/validation for our product? Sandeep Joshi Southern Methodist University

10 What support does CC have?..
National security and standards organizations within Canada, France, Germany, Netherlands, UK and USA worked in collaboration to replace their existing security evaluation criteria (SEC) Sandeep Joshi Southern Methodist University

11 What support does CC have?
Acceptance by ISO will ensure that CC rapidly becomes the world standard for security specification and evaluation Wider choice for evaluated products for consumers Greater understanding of consumer requirements Greater access to markets for developers Sandeep Joshi Southern Methodist University

12 What guarantees products will provide?
A sound basis for confidence that security measures are appropriate to meet a given threat and that they are correctly implemented Quantifies/measures the extent to which security has been assessed Includes an assurance scale, called as Evaluation Assurance Level (EAL) Sandeep Joshi Southern Methodist University

13 Southern Methodist University
Who could be affected? Developers Vendors Common Criteria Accreditors Certifiers Approvers Evaluators Consumers Sandeep Joshi Southern Methodist University

14 Southern Methodist University
What is CC? Overview Building Blocks Security and Functional Requirements Security Assurance Requirements Protection Profiles (PP) Security Targets (ST) Sandeep Joshi Southern Methodist University

15 Southern Methodist University
Overview… Consumer Developer Evaluator Introduction and General Model For background and reference purposes Security Functional Requirements Guidance for formulating statement of requirements Reference when interpreting statements of functional requirements Mandatory to determine if product meets requirements Security Assurance Requirements Guidance formulating level of assurance Reference interpreting assurance requirements Sandeep Joshi Southern Methodist University

16 Southern Methodist University
Overview Sandeep Joshi Southern Methodist University

17 Southern Methodist University
Building Blocks… Security Functional Requirements Grouped into 11 classes Members of each class shares common focus, but differ in emphasis Audit, Cryptographic Support, Communication, User Data Protection, Identification and Authentication, Security Management, Privacy, Protection of TOE security functions, Resource Utilization, TOE Access, Trusted Path/Channels Sandeep Joshi Southern Methodist University

18 Southern Methodist University
Building Blocks Audit class contains 6 families dealing with various aspects of auditing data generation, analysis, event storage etc. Each family contains one or more components Audit data generation has 2 components 1 dealing with generation of audit records 2 dealing with association of user with auditable event Sandeep Joshi Southern Methodist University

19 Security Assurance Requirements…
Grouped into Classes  Families  Components In all 8 basic classes and two special classes for PPs and STs Configuration Management, Guidance Documents, Vulnerability Assessment, Delivery and Operation, Life Cycle Support, Assurance Maintenance, Development, Tests Sandeep Joshi Southern Methodist University

20 Security Assurance Requirements…
Provides 7 predefined assurance packages Known as Evaluation Assurance Levels (EAL) Raising scale of assurance From EAL1 to EAL7 Sandeep Joshi Southern Methodist University

21 Security Assurance Requirements…
EAL1: Functionally Tested Provides evaluation of product as made available to user Independent testing against specification Examination of guidance documents EAL2: Structurally Tested Applicable where developer/user need low  moderate level of assurance For example, legacy systems EAL3: Methodically Tested and Checked Provides analysis supported by “gray box” testing Selective confirmation of test results Sandeep Joshi Southern Methodist University

22 Security Assurance Requirements…
EAL4: Methodically Designed, Tested and Reviewed Low level analysis of design, and subset of implementation Independent search for vulnerability EAL5: Semi-formally Designed and Testes Analysis of complete implementation Supplemented by formal model Semiformal presentation of functional model, and high level design Search for vulnerability must ensure resistance etc Sandeep Joshi Southern Methodist University

23 Security Assurance Requirements
EAL6: Semi-formally Verified design and Tested Analysis with modular and layered approach to design and implementation Plus EAL5 and lower level testing EAL7: Formally Verified design and Tested Evaluation of formal model with, formal presentation of formal specification Evidence of “white-box” testing Sandeep Joshi Southern Methodist University

24 Southern Methodist University
Protection Profiles… What is Protection Profile? Essentially an implementation independent statement of security requirements that is shown to address threats that exists in a specified environment Sandeep Joshi Southern Methodist University

25 Southern Methodist University
Protection Profiles… What it contains? Introduction  PP Identification, PP Overview TOE Description TOE Security Environment  Assumptions, Threats, Organizational Security Policies Security Objectives  For TOE, For Environment IT Security Requirements  TOE Security Requirements Functional Assurance  Security Requirements for IT environment PP Application Notes Rationale  Objectives, Requirements Sandeep Joshi Southern Methodist University

26 Southern Methodist University
Protection Profiles When would you want a PP? When setting standards for particular product type A government wishes to specify security requirements for a class of security products, like firewalls, etc. Or, a firm needs an IT system that addresses its security issues Sandeep Joshi Southern Methodist University

27 Southern Methodist University
Security Targets… What is Security Target? A basis against which evaluation is performed Contains security threats, objectives, requirements, summary specification of functions and assurance measures When is ST Needed? When submitting product for evaluation Sandeep Joshi Southern Methodist University

28 Southern Methodist University
Security Targets… What are the contents of ST Document? Introduction  ST Identification, ST Overview, CC conformance TOE Description TOE Environment  Assumptions, Threats, Organizational Security Policies Security Objectives  For TOE, For environment IT Security Requirements  TOE Security Requirements  Functional, Assurance  Security Requirements for IT environment TOE Summary Specification TOE Security Function, Assurance Measures PP Claims  PP Reference, PP Refinement, Additions Rationale Security Objective Rationale Security Requirements Rationale TOE Summary Specification PP Claims Rationale Sandeep Joshi Southern Methodist University

29 Southern Methodist University
Reference Sandeep Joshi Southern Methodist University

30 Southern Methodist University
Questions!!! Sandeep Joshi Southern Methodist University

Download ppt "IT Security Evaluation By Sandeep Joshi"

Similar presentations

Security Requirements

Security Requirements
Module 1 Evaluation Overview © Crown Copyright (2000)

Module 1 Evaluation Overview © Crown Copyright (2000)
Configuration management

Configuration management
University of Tulsa - Center for Information Security Common Criteria Dawn Schulte Leigh Anne Winters.

University of Tulsa - Center for Information Security Common Criteria Dawn Schulte Leigh Anne Winters.
Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.

Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.2: Evaluation of Secure Information Systems.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.2: Evaluation of Secure Information Systems.
TCSEC: The Orange Book. TCSEC Trusted Computer System Evaluation Criteria.

TCSEC: The Orange Book. TCSEC Trusted Computer System Evaluation Criteria.
ANSI/ASQ E Overview Gary L. Johnson U.S. EPA

ANSI/ASQ E Overview Gary L. Johnson U.S. EPA
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #18-1 Chapter 18: Evaluating Systems Goals Trusted Computer System Evaluation.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #18-1 Chapter 18: Evaluating Systems Goals Trusted Computer System Evaluation.
4/28/20151 Computer Security Security Evaluation.

4/28/20151 Computer Security Security Evaluation.
CS526Topic 22: TCSEC and Common Criteria 1 Information Security CS 526 Topic 22: TCSEC and Common Criteria.

CS526Topic 22: TCSEC and Common Criteria 1 Information Security CS 526 Topic 22: TCSEC and Common Criteria.
Chapter 16: Standardization and Security Criteria: Security Evaluation of Computer Products Guide to Computer Network Security.

Chapter 16: Standardization and Security Criteria: Security Evaluation of Computer Products Guide to Computer Network Security.
Common Criteria Richard Newman. What is the Common Criteria Cooperative effort among Canada, France, Germany, the Netherlands, UK, USA (NSA, NIST) Defines.

Common Criteria Richard Newman. What is the Common Criteria Cooperative effort among Canada, France, Germany, the Netherlands, UK, USA (NSA, NIST) Defines.
Effective Design of Trusted Information Systems Luděk Novák,

Effective Design of Trusted Information Systems Luděk Novák,
The Common Criteria for Information Technology Security Evaluation

The Common Criteria for Information Technology Security Evaluation
1 norshahnizakamalbashah-19112007- CEM v3.1: Chapter 10 Security Target Evaluation.

1 norshahnizakamalbashah CEM v3.1: Chapter 10 Security Target Evaluation.
Computer Security: Principles and Practice Chapter 10 – Trusted Computing and Multilevel Security.

Computer Security: Principles and Practice Chapter 10 – Trusted Computing and Multilevel Security.
The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.

The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 10 – Trusted Computing.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 10 – Trusted Computing.

Similar presentations

Ads by Google