High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.


1 High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran

2 Outline
- Computer Security
- Offset reason for security
- Security Objective
- Recommendation of product selection
- Modern approach to measuring assurance
- Trusted Computer Security Evaluation Criteria
- ISO standard 15408
- Summary

3 Computer Security
- Establishing defensive perimeter
- Protection of data
- Disaster Recovery and Response
- Authorization of users accessing the system

4 Offset reasons
- Concern about return on investment
- Cost of data recovery
- Liability issues associated with misuse of system resources
- Business impact of security controls imposed on users of the system
- Monitoring the activities of authorized users, to ensure proper insider behavior and compliance with mandated procedures, and to guard against accidental destructive events.

5 Defensive Objective
- Create enough penetration difficulty for the attacker that the level of effort to penetrate exceeds the value gained from a successful penetration.
- Management must guard against vulnerability by purchasing additional hardware or software.
- What to purchase is based on which product can be delivered fastest or which sales claim is appropriate for the situation.
- There is no guarantee of total security and risk is present, so we tend to use high assurance products in an attempt to gain confidence in the strength of the protection we have.
- High assurance means a very strong level of confidence in the correct implementation of the security protection mechanisms in a product.
- Low assurance means we have no proof of a correct implementation.

6 Overview
- Assurance: confidence that a product operates as intended.
- Considerations for product and security will address:
  - Completeness and strength of the security design architecture
  - Addressed by security engineers with training in information security or information assurance
  - Assurance/confidence of the product's operation
- Standard for trusted systems: how products are rated today, and the critical Evaluation Assurance Level (EAL), is determined by:
  - ISO standard 15408, or Common Criteria
  - Trusted Computer Systems Evaluation Criteria (TCSEC)
- These documents give a qualitative measurement of assurance in security software/hardware products.

7 Product Selection
- Recommendations come from: technical staff, budget, sales presentations, assertions
- Confidence in the correct operation of a product comes from:
  - experience,
  - examination of code,
  - independent reviews,
  - testing, and
  - certification by experts and others.
- The security engineer should be concerned with information assurance (ISO standard) rather than computer security.

8 Product Selection
- Based on past experience of security engineers
- Selection based on the experience of others
- Third-party testing and evaluation: the greatest indicator of assurance in a product.
  - The third party conducts a standard suite of tests to verify that the product does indeed work as the vendor claimed.
  - The third party reviews software code and product documentation to verify correctness of code, absence of hidden functionality and compliance with design specifications. This gives a greater level of assurance that the product works properly as claimed.

9 Trusted Computer Security Evaluation Criteria (TCSEC)
- Approach to measuring assurance
- Evaluations have been conducted since the 80's.
- DOD initiative to improve the trustworthiness of systems used to process sensitive and classified information.
- Directed towards ranking operating systems as having a specific level of assurance
- Computing products are evaluated at each of the classes (A, B, C, D)
- If a C or B product was purchased, the buyer was assured that specific functions were included in the product along with a specific level of trust.

10 Classes of Assurance
- Trusted Computing Base (TCB): the hardware and software components present in the system that provide security functionality.
- D: Minimal Protection
  - Reserved for systems that were evaluated but failed to meet the requirements for a higher evaluation class
- C1: Discretionary security protection
  - Separation of users and data. Users are able to protect private information and keep other users from accidentally reading or deleting data.
- C2: Controlled access protection
  - Finer controls than C1 systems. Individuals are held accountable for their actions through login procedures, auditing of security and resource isolation.
- B1: Labeled security protection
  - Requires all features of class C2. In addition, an informal statement of the security policy model, data labeling and mandatory access control over named subjects must be present.

11 Classes of Assurance
- B2: Structured Protection
  - Strengthened authentication mechanism
  - Stringent configuration management controls
  - Resistant to penetration
- B3: Security Domains
  - Security admin is supported
  - System recovery procedures are required.
  - System is highly resistant to penetration
- A1: Verified Design
  - Functionally equivalent to class B3. No additional policy requirements are added.
  - High degree of assurance that trusted computing is correctly implemented.

12 Common Criteria (CC): ISO 15408
- Widely used assurance measure of security products
- International standard that replaced TCSEC
- Evaluation is done by a private lab certified by the appropriate government
- CC allows third-party labs to review the product for:
  - Compliance with product specification: Protection Profile (PP)
  - Report concerning compliance to specification: Security Target
- Hierarchical system of evaluation
  - Evaluation Assurance Level (EAL): 1 is low, 7 is high
  - 1 to 4: Adequate for sensitive industrial use
  - 5 to 7: Assurance for sensitive government applications.

13 CC
- Product at EAL 1: "functionally tested"
  - Referred to as black-box testing: code is not examined, but test cases are designed
  - Product performs in accordance with documentation.
- Evaluations conducted at any lab certified by CC are acceptable.
- Evaluations are quite expensive: an EAL 2 product evaluation will often cost at least $250,000. Quite prohibitive for small companies.
- A list of certified products can be found at http://www.niap.nist.gov

14 Summary
- Evaluation comparisons between CC, TCSEC and ITSEC (Interim European evaluation criteria)
Prevention, detection and Mitigation Strategies. Source: Idea Group Publishing

15 Summary
- Areas of concern for the security engineer: prevention, detection and response recovery.
- CC gains acceptance and strength in government and commercial markets
- 170 IT products evaluated till 2004
- EAL ratings 1 through 5: products can be selected with little assurance.

