Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certification and Accreditation CS-7493-01 Unit 2:ITSEC System Classes LTC Tim O’Hara Ms Jocelyne Farah Mr Clinton Campbell.

Published byDorothy Hunter Modified over 8 years ago

Similar presentations

Presentation on theme: "Certification and Accreditation CS-7493-01 Unit 2:ITSEC System Classes LTC Tim O’Hara Ms Jocelyne Farah Mr Clinton Campbell."— Presentation transcript:

1 Certification and Accreditation CS-7493-01 Unit 2:ITSEC System Classes LTC Tim O’Hara Ms Jocelyne Farah Mr Clinton Campbell

2 2 Unit Goals n Introduction n Goal: Determining System Class n ITSEC Classification Criteria n System Security Requirements References: DITSCAP Enclosure 7 – ITSEC System Class Description

3 3 What is a “system”? n Information System (a.k.a: Automated Information System, Information Technology System) –“Any equipment or interconnected system or subsystem of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission or reception of data and includes computer software, firmware, and hardware.”

4 4 Ultimate Goal n Fact: IT Systems perform valuable functions and processes in the government and in private sector n Goal: Missions must be completed and harm should be prevented IT Systems should be afforded an appropriate level of Confidentiality, Integrity, Availability and Accountability

5 5Definition n An ITSEC system class is a profile of system characteristics derived from considering how the same characteristics applied to the system's operation data affects community mission outcome.

6 6 Why System Classes? n Independent assessment is slow n Established and tested security requirements exist –Req. = F(Mission, Env., Arch.) –Deg compliance = F(value) n Benefit: Reuse –Issues –Risks –Requirements –Solutions –Implementations –Analyses Essentially, system classes provide an economical solution

7 7Benefits n Reuse past experience n Compare and contrast systems within a class or related tasks n Bound the security problem to satisfy individual class conditions n Consider systems security posture independently and in relation to other systems

8 8Limitations n Certification is faster, but not shorter n System engineering tradeoff decisions still necessary –Implementation of physical controls –Technical countermeasures

9 9 ITSEC Class Characteristics CharacteristicOperationDataInfrastructureSystemAlternatives Interfacing Mode Processing Mode Attribution Mode Mission- Reliance Factor Accessibility Factor Accuracy Factor Information Categories

10 10 Assigning Classes n Assignments based on similar risk –With respect to impact on other systems n Discriminating characteristics with respect to data and operations Don’t ignore the infrastructure where the system is connected

11 11 Interfacing Mode Goal: Containment of risk among connected systems n Operation, data, system risk to other connected operations, data, or systems Alternatives n Benign – No physical or logical relationships (closed community) n Passive – Limited to indirect interaction –Possibly physical relationships –Logical relationships tightly controlled n Active – Direct interaction –Physical and logical relationships

12 12 Processing Mode n Goal: Distinguish the way processing, transmission, storage, or data is handled –Reflect use of the system by one or more different sets of users or processes n Alternatives –dedicated level, compartmented level, system high level, and multi-level

13 13 Processing Mode Alternatives n Dedicated Level – Single information category –All users/processes have valid clearance for all data, and same need-to-know –Access controls equal for all users and processes n Compartmented Level – Different information categories with single-level access by individual users or processes at any "given time" –All users/processes have valid clearance for the most restricted data and need-to- know for particular data –Access controls are different for each user and process n System High Level – Actually multiple information categories, but treated as a single category –All users/processes have valid clearance for all data, but not the same need-to-know –Access controls equal for all users and processes n Multi-Level – Different information categories with simultaneous access by individual users/processes –All users/processes may not have the same clearance or need-to-know –Access controls are different for each user and process

14 14 Attribution Mode Goal n Degree or complexity of accountability required to establish authenticity and non-repudiation n Components –processing (p) –transmission (t) –Storage (s) –data (d) Alternatives n None – no p, t, s, & d can be attributed to users or processes n Rudimentary – only the most basic p, t, s, & d can be attributed n Selected – some p, t, s, & d can be attributed n Comprehensive – all (or most) p, t, s, & d can be attributed

15 15 Mission-Reliance Factor n Goal: Degree that mission success relies on operation, data, infrastructure, or the system –Independent of the criticality of the mission n Alternatives –None –Cursory –Partial –Total

16 16 Accessibility Factor n Goal: Degree that operation, data, infrastructure, or system needs to be available –From a security perspective, not performance n Alternatives –Reasonable –Soon –ASAP –Immediate

17 17 Accuracy Factor n Goal: Degree that integrity of operation, data, infrastructure, or system is needed –From a security perspective n Alternatives –Not-applicable – Integrity of data is irrelevant to operations –Approximate – Degree of integrity must be approximate to avoid operational impact –Exact – Degree of integrity must be exact or extremely high to avoid operational impact

18 18 Information Categories Goal n Categorize information based on common management principles and security requirements promulgated by security policy Alternatives n Unclassified n Sensitive n Privacy Act n Financially Sensitive n Proprietary Information n Administrative/Other n Collateral Classified n Compartmented and/or Special Access Classified

19 19 Remember the Initial Table? CharacteristicOperationDataInfrastructureSystemAlternatives Interfacing ModeBenign, Passive, or Active Processing Mode Dedicated Level, Compartmented Level, System High, or Multi-level Attribution ModeNone, Rudimentary, Basic, or Comprehensive Mission-Reliance Factor None, Cursory, Partial, or Total Accessibility Factor Reasonable, Soon, ASAP, or Immediate Accuracy FactorNot-applicable, Approximate, or Exact Information Categories Unclassified, Sensitive (Privacy Act, Financially Sensitive, Administrative, Proprietary, or Other), Collateral Classified, or Compartmented/Special Access Classified

20 20 Successful Implementation Secure Systems n Define security requirements early n Consider all ITSEC disciplines n Remember that system specific requirements can be inherited from mission and function –Some systems need higher level of assurance of implementation n But, how will security requirement sets be developed?

21 21 Initial Step n Analyze existing systems to determine classes –Accredited systems become “models” –Applicable ITSEC requirements, high-level architectures and approved solutions are stored in a common repository n Requirements definition process collects ITSEC requirements into a common database –Requirements are reviewed to remove conflicts and duplications –Result is a clean, and complete set of requirements –Requirements are allocated to each security class –Results are stored in a database

22 22 Recurring Steps n Construct a description of each system n Define the boundaries of the system compared to those that this system may interact Example Description n Mission of the system. n Functions this system will perform. n Interfaces with other systems. n Interactions across system interfaces. n Expected users of this system. n Information categories to be processed. n Time frame for developing and implementing the system. n Components of the system that will be automated versus manual. n Budget limitations that may affect the system. n Other system constraints or assumptions that will impact the system. If the systems aren’t understood well enough to create these descriptions, the DITSCAP is NOT ready to begin!

23 23 Determination of System Class n Select the applicable entries for the first three columns (operation, data, and infrastructure) n Resolve these entries to determine the most applicable value for the fourth column –The system should adequately support the needs as defined for operation, data, and infrastructure n Result: System with minimum security requirements specified in context of operation, data, and infrastructure. Don’t forget to update the common database if necessary!

24 03/14/200124 Questions

Download ppt "Certification and Accreditation CS-7493-01 Unit 2:ITSEC System Classes LTC Tim O’Hara Ms Jocelyne Farah Mr Clinton Campbell."

Similar presentations

Module 1 Evaluation Overview © Crown Copyright (2000)

Module 1 Evaluation Overview © Crown Copyright (2000)
METRICS AND CONTROLS FOR DEFENSE IN DEPTH AN INFORMATION TECHNOLOGY SECURITY ASSESSMENT INITIATIVE.

METRICS AND CONTROLS FOR DEFENSE IN DEPTH AN INFORMATION TECHNOLOGY SECURITY ASSESSMENT INITIATIVE.
Database Systems: Design, Implementation, and Management Tenth Edition

Database Systems: Design, Implementation, and Management Tenth Edition
Case Tools Trisha Cummings. Our Definition of CASE  CASE is the use of computer-based support in the software development process.  A CASE tool is a.

Case Tools Trisha Cummings. Our Definition of CASE  CASE is the use of computer-based support in the software development process.  A CASE tool is a.
Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.

Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.
Karolina Muszyńska Based on

Karolina Muszyńska Based on
DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.

DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.
1 For System Administrators INFORMATION INFORMATION SYSTEM SECURITY INFORMATION INFORMATION SYSTEM SECURITY.

1 For System Administrators INFORMATION INFORMATION SYSTEM SECURITY INFORMATION INFORMATION SYSTEM SECURITY.
© 2005 Prentice Hall7-1 Stumpf and Teague Object-Oriented Systems Analysis and Design with UML.

© 2005 Prentice Hall7-1 Stumpf and Teague Object-Oriented Systems Analysis and Design with UML.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 8 Slide 1 System models.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 8 Slide 1 System models.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 8 Slide 1 System models September 29, 2008.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 8 Slide 1 System models September 29, 2008.
Introduction to Databases Transparencies

Introduction to Databases Transparencies
Nov. 14, 2007 Systems Engineering ä System ä A set or arrangement of things so related as to form a unity or organic whole. ä A set of facts, principles,

Nov. 14, 2007 Systems Engineering ä System ä A set or arrangement of things so related as to form a unity or organic whole. ä A set of facts, principles,
Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 8 Slide 1 System models.

Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 8 Slide 1 System models.
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.
Www.ddss.arch.tue.nl 7M822 Software Engineering: System Models 14 September 2009.

7M822 Software Engineering: System Models 14 September 2009.
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Chapter 1: The Database Environment

Chapter 1: The Database Environment
©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 7 Slide 1 System models l Abstract descriptions of systems whose requirements are being.

©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 7 Slide 1 System models l Abstract descriptions of systems whose requirements are being.
Chapter 10 Architectural Design

Chapter 10 Architectural Design

Similar presentations

Ads by Google