Published by Samantha Salisbury. Modified over 10 years ago.

Slide 1: Title Slide
EVOLVING CRITERIA FOR INFORMATION SECURITY PRODUCTS
Ravi Sandhu
George Mason University
Fairfax, Virginia, USA

Slide 2: SECURITY OBJECTIVES
- SECRECY (CONFIDENTIALITY)
- INTEGRITY
- AVAILABILITY (DENIAL OF SERVICE)

Slide 3: SECURITY TECHNIQUES
- Prevention: access control
- Detection: auditing
- Tolerance: practicality
Good prevention and detection both require good authentication as a foundation.

Slide 4: SECURITY TRADEOFFS
- SECURITY
- FUNCTIONALITY
- EASE OF USE
- COST

Slide 5: ACHIEVING SECURITY
- Policy: what?
- Mechanism: how?
- Assurance: how well?

Slide 6: EVALUATION CRITERIA
[Diagram labels: Policy; Assurance; SECURITY TARGET; Mechanism; PRODUCT; ??]

Slide 7: CRITERIA DATES
[Timeline, axis marked 1985, 1990, 1995: USA Orange Book; Canadian CTCPEC 1.0, 2.0, 3.0; UK, Germany, France; European Community ITSEC 1.0, 1.2; US Federal Criteria 1.0; Common Criteria]

Slide 8: CRITERIA RELATIONSHIPS
[Diagram labels: USA Orange Book; UK, Germany, France, Canada; European Community ITSEC; Federal Criteria (DRAFT); Common Criteria (PROPOSED)]

Slide 9: COMMON CRITERIA & PRODUCT EVALUATION
DRIVING FACTORS:
- INTERNATIONAL COMPUTER MARKET TRENDS
- MUTUAL RECOGNITION OF EVALUATIONS
- COMPATIBILITY WITH EXISTING CRITERIA
- SYSTEM SECURITY CHALLENGES OF THE 90'S

Slide 10: ORANGE BOOK
[Diagram labels: USA Orange Book; UK, Germany, France, Canada; European Community ITSEC; Federal Criteria (DRAFT); Common Criteria (PROPOSED)]

Slide 11: ORANGE BOOK CLASSES
A1   Verified Design
B3   Security Domains
B2   Structured Protection
B1   Labeled Security Protection
C2   Controlled Access Protection
C1   Discretionary Security Protection
D    Minimal Protection
Scale labels: NO SECURITY, HIGH SECURITY

Slide 12: ORANGE BOOK CLASSES, UNOFFICIAL VIEW
C1, C2   Simple enhancement of existing systems. No breakage of applications.
B1       Relatively simple enhancement of existing systems. Will break some applications.
B2       Relatively major enhancement of existing systems. Will break many applications.
B3       Failed A1
A1       Top down design and implementation of a new system from scratch

Slide 13: ORANGE BOOK CRITERIA
- SECURITY POLICY
- ACCOUNTABILITY
- ASSURANCE
- DOCUMENTATION

Slide 14: SECURITY POLICY
Classes: C1 C2 B1 B2 B3 A1 (+ = added requirement)
Discretionary Access Control: ++ +
Object Reuse: +
Labels: ++
Label Integrity: +
Exportation of Labeled Information: +
Labeling Human-Readable Output: +
Mandatory Access Control: ++
Subject Sensitivity Labels: +
Device Labels: +

Slide 15: ACCOUNTABILITY
Classes: C1 C2 B1 B2 B3 A1 (+ = added requirement)
Identification and Authentication: +++
Audit: ++++
Trusted Path: ++

Slide 16: ASSURANCE
Classes: C1 C2 B1 B2 B3 A1 (+ = added requirement)
System Architecture: +++++
System Integrity: +
Security Testing: ++++++
Design Specification and Verification: ++++
Covert Channel Analysis: +++
Trusted Facility Management: ++
Configuration Management: + +
Trusted Recovery: +
Trusted Distribution: +

Slide 17: DOCUMENTATION
Classes: C1 C2 B1 B2 B3 A1 (+ = added requirement)
Security Features User's Guide: +
Trusted Facility Manual: +++++
Test Documentation: + + +
Design Documentation: ++++

Slide 18: ORANGE BOOK CRITICISMS
- Does not address integrity or availability
- Combines policy and assurance in a single linear rating scale
- Mixes policy and mechanism
- Mixes policy and assurance

Slide 19: POLICY VS ASSURANCE
[Plot: axes labeled policy and assurance; points C1, C2, B1, B2, B3, A1]

Slide 20: EUROPEAN ITSEC
[Diagram labels: USA Orange Book; UK, Germany, France, Canada; European Community ITSEC; Federal Criteria (DRAFT); Common Criteria (PROPOSED)]

Slide 21: POLICY ASSURANCE UNBUNDLING
EVALUATION
  POLICY or FUNCTIONALITY
  ASSURANCE
    EFFECTIVENESS
    CORRECTNESS

Slide 22: POLICY IN ITSEC
- Open ended
- Orange Book classes are grand-fathered in
- Some new classes are identified

Slide 23: ORANGE BOOK POLICY GRAND-FATHERING
ITSEC   ORANGE BOOK
F-C1    C1
F-C2    C2
F-B1    B1
F-B2    B2
F-B3    B3

Slide 24: ITSEC NEW POLICIES
ITSEC   OBJECTIVE
F-IN    High Integrity Requirements
F-AV    High Availability Requirements
F-DI    High Data Integrity during Data Exchange
F-DC    High Data Confidentiality during Data Exchange
F-DX    Networks with High Confidentiality and Integrity
Others can be defined as needed.

Slide 25: ASSURANCE: EFFECTIVENESS
CONSTRUCTION
- Suitability Analysis
- Binding Analysis
- Strength of Mechanism Analysis
- List of Known Vulnerabilities in Construction
OPERATION
- Ease of Use Analysis
- List of Known Vulnerabilities in Operational Use

Slide 26: ASSURANCE: CORRECTNESS
ITSEC   ORANGE BOOK (very roughly)
E0      D
E1      C1
E2      C2
E3      B1
E4      B2
E5      B3
E6      A1

Slide 27: US DRAFT FEDERAL CRITERIA
[Diagram labels: USA Orange Book; UK, Germany, France, Canada; European Community ITSEC; Common Criteria (PROPOSED); Federal Criteria (DRAFT)]

Slide 28: INFLUENCES ON FEDERAL CRITERIA
[Diagram labels: NIST/NSA Joint Work; Commercial & Independent Initiatives; NIST's IT Security Requirements Study; Integrity Research; NRC Report "GSSP"; Minimum Security Functionality Requirements (MSFR); Federal Criteria for IT Security; EC ITSEC; Canada; TPEP; Orange Book; Advances in Technology]

Slide 29: ITSEC EVALUATION
[Diagram labels: Policy; Assurance; SECURITY TARGET; Mechanism; PRODUCT; ??]

Slide 30: FEDERAL CRITERIA EVALUATION
[Diagram labels: Policy; Assurance; SECURITY TARGET; Mechanism; PRODUCT; ??; Policy; Assurance; PROTECTION PROFILE; ??; Vendor Supplied; Customer Supplied]

Slide 31: PROTECTION PROFILE STRUCTURE
PROTECTION PROFILE
- Descriptive Elements Section
- Product Rationale Section
- Development Assurance Requirements Section
- Functional Requirements Section
- Evaluation Assurance Requirements Section

Slide 32: FROM PROFILE TO PRODUCT
PPA = Protection Profile Analysis
[Diagram labels: Protection Profile; Registry of Protection Profiles (PP1, PP2, ... PPn); Evaluation 1; Evaluation 2; Evaluation 3; PPA; Security Target (ST); ST (PP); pp1, ppn; Product 1, Product n]

Slide 33: TOWARDS A COMMON CRITERIA
[Diagram labels: USA Orange Book; UK, Germany, France, Canada; Common Criteria (PROPOSED); Federal Criteria (DRAFT); European Community ITSEC]

Slide 34: COMMON CRITERIA PLAN
EC-NA Alignment: Common Criteria
[Diagram labels: CC Editorial Board; Canada CTCPEC 3.0; ITSEC 1.2; FedCrit 1.0; Orange Book; Usage; Joint Technical Groups; Usage & Reviews; Public Comment; Usage & Reviews; ISO SC27 WG3]
1994: initial target
1996: more likely

Slide 35: CHALLENGES THAT REMAIN
- Complexities of the open distributed computing and management environments (including use of crypto in conjunction with COMPUSEC)
- Systems and composability problems
- Trusted applications development and evaluation methods, including high integrity and high availability systems
- Guidance on using IT security capabilities cost effectively in commercial environments
- Speedy but meaningful product and system evaluations, and evaluation rating maintenance