Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Published byPamela Douglas Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher."— Presentation transcript:

1 Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

2 Lecture 15 Page 2 CS 236 Online Evaluating Program Security What if your task isn’t writing secure code? It’s determining if someone else’s code is secure –Or, perhaps, their overall system How do you go about evaluating code or a working system for security?

3 Lecture 15 Page 3 CS 236 Online Secure System Standards Several methods proposed over the years to evaluate system security Meant for head-to-head comparisons of systems –Often operating systems, sometimes other types of systems –Usually for HW/SW, not working systems

4 Lecture 15 Page 4 CS 236 Online Some Security Standards U.S. Orange Book Common Criteria for Information Technology Security Evaluation There were others we won’t discuss in detail

5 Lecture 15 Page 5 CS 236 Online The U.S. Orange Book The earliest evaluation standard for trusted operating systems Defined by the Department of Defense in the late 1970s Now largely a historical artifact

6 Lecture 15 Page 6 CS 236 Online Purpose of the Orange Book To set standards by which OS security could be evaluated Fairly strong definitions of what features and capabilities an OS had to have to achieve certain levels Allowing “head-to-head” evaluation of security of systems –And specification of requirements

7 Lecture 15 Page 7 CS 236 Online Orange Book Security Divisions A, B, C, and D –In decreasing order of degree of security Important subdivisions within some of the divisions Required formal certification from the government (NCSC) –Except for the D level

8 Lecture 15 Page 8 CS 236 Online Why Did the Orange Book Fail? Expensive to use Didn’t meet all parties’ needs –Really meant for US military –Inflexible Certified products were slow to get to market Not clear certification meant much –Windows NT was C2, but that didn’t mean NT was secure in usable conditions Review procedures tied to US government

9 Lecture 15 Page 9 CS 236 Online The Common Criteria Modern international standards for computer systems security Covers more than just operating systems –Other software (e.g., databases) –Hardware devices (e.g., firewalls) Design based on lessons learned from earlier security standards Lengthy documents describe the Common Criteria

10 Lecture 15 Page 10 CS 236 Online Common Criteria Approach The CC documents describe –The Evaluation Assurance Levels (EAL) 1-7, in increasing order of security The Common Evaluation Methodology (CEM) details guidelines for evaluating systems PP – Protection Profile –Implementation-independent set of security requirements

11 Lecture 15 Page 11 CS 236 Online Another Bowl of Common Criteria Alphabet Soup TOE – Target of Evaluation TSP – TOE Security Policy –Security policy of system being evaluated TSF – TOE Security Functions –HW, SW used to enforce TSP ST – Security Target –Predefined sets of security requirements

12 Lecture 15 Page 12 CS 236 Online What’s the Common Criteria About? Highly detailed methodology for specifying : 1.What security goals a system has? 2.What environment it operates in? 3.What mechanisms it uses to achieve its security goals? 4.Why anyone should believe it does so?

13 Lecture 15 Page 13 CS 236 Online How Does It Work? Someone who needs a secure system specifies what security he needs –Using CC methodology –Either some already defined PPs –Or he develops his own He then looks for products that meet that PP –Or asks developers to produce something that does

14 Lecture 15 Page 14 CS 236 Online How Do You Know a Product Meets a PP? Dependent on individual countries Generally, independent labs verify that product meets a protection profile In practice, a few protection profiles are commonly used Allowing those whose needs match them to choose from existing products

15 Lecture 15 Page 15 CS 236 Online Status of the Common Criteria In wide use Several countries have specified procedures for getting certifications –Some agreements for honoring other countries’ certifications Many products have received various certifications

16 Lecture 15 Page 16 CS 236 Online Problems With Common Criteria Expensive to use Slow to get certification –Certified products may be behind the market Practical certification levels might not mean that much –Windows 2000 was certified EAL4+ –But kept requiring security patches... Perhaps more attention to paperwork than actual software security –Lower, commonly used EALs only look at process/documentation, not actual HW/SW

Download ppt "Lecture 15 Page 1 CS 236 Online Evaluating System Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher."

Similar presentations

Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.

Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.2: Evaluation of Secure Information Systems.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.2: Evaluation of Secure Information Systems.
TCSEC: The Orange Book. TCSEC Trusted Computer System Evaluation Criteria.

TCSEC: The Orange Book. TCSEC Trusted Computer System Evaluation Criteria.
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.
CS526Topic 22: TCSEC and Common Criteria 1 Information Security CS 526 Topic 22: TCSEC and Common Criteria.

CS526Topic 22: TCSEC and Common Criteria 1 Information Security CS 526 Topic 22: TCSEC and Common Criteria.
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
Common Criteria Richard Newman. What is the Common Criteria Cooperative effort among Canada, France, Germany, the Netherlands, UK, USA (NSA, NIST) Defines.

Common Criteria Richard Newman. What is the Common Criteria Cooperative effort among Canada, France, Germany, the Netherlands, UK, USA (NSA, NIST) Defines.
The Common Criteria for Information Technology Security Evaluation

The Common Criteria for Information Technology Security Evaluation
IT Security Evaluation By Sandeep Joshi

IT Security Evaluation By Sandeep Joshi
1 norshahnizakamalbashah-19112007- CEM v3.1: Chapter 10 Security Target Evaluation.

1 norshahnizakamalbashah CEM v3.1: Chapter 10 Security Target Evaluation.
Computer Security: Principles and Practice Chapter 10 – Trusted Computing and Multilevel Security.

Computer Security: Principles and Practice Chapter 10 – Trusted Computing and Multilevel Security.
The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.

The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.
The Security Analysis Process University of Sunderland CIT304 Harry R. Erwin, PhD.

The Security Analysis Process University of Sunderland CIT304 Harry R. Erwin, PhD.
Secure Operating Systems Lesson 0x11h: Systems Assurance.

Secure Operating Systems Lesson 0x11h: Systems Assurance.
1 Evaluating Systems CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 6, 2004.

1 Evaluating Systems CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 6, 2004.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
COEN 351: E-Commerce Security Public Key Infrastructure Assessment and Accreditation.

COEN 351: E-Commerce Security Public Key Infrastructure Assessment and Accreditation.
Lesson 1-What Is Information Security?. Overview History of security. Security as a process.

Lesson 1-What Is Information Security?. Overview History of security. Security as a process.
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Similar presentations

Ads by Google