
TCSEC: The Orange Book


libitha

Presentation Transcript


  1. TCSEC: The Orange Book

  2. TCSEC Purpose • Establish best practices • Requirements for assessing the effectiveness of security controls • Measure computing resource security • Evaluate, classify, and select systems considered for computing resources

  3. TCSEC: Purpose • Guidance – provides guidance on how to design a trusted computing system along with its associated data and services • Metrics – provides a metric (classification) for determining the level of trust assigned to a computing system.

  4. Orange Book: Metrics • Measurement of a system's security is quantified using a classification system. • The Classes are: • D • C1 & C2 • B1, B2, B3 • A1 • A is more secure than D • 2 is more secure than 1.

  5. Orange Book: Metrics • The rating system is hierarchical • D applies to any system that fails to meet any of the higher level security classes. • The other levels have increasing security requirements. • A1 systems would be rare.

  6. Disclaimer • An A1 system is not 100% secure. • The risk level is expected to be lower compared to the other levels

  7. Metrics: C1 • Identification and authentication (user id & password) • DAC – (Discretionary Access Controls) • capable of enforcing access controls • Example: Basic Unix/Linux OS, user, group, other.

  8. Metrics: C2 • C1 plus • Audit trails • System documentation and user manuals.

  9. Metrics: B1 • C2 plus • Discovered weaknesses must be mitigated

  10. Metrics: B2 • B1 plus • Security policy must be defined and documented • Access controls for all subjects and objects

  11. Metrics: B3 • B2 plus • Automated imminent intrusion detection, notification and response.

  12. Metrics: A1 • B3 plus • System is capable of secure distribution (can be transported and delivered to a client with the assurance of being secure)

  13. Orange Book Security Criteria • Security Policy • Accountability • Assurance • Documentation

  14. 1. Security Policy • The set of rules and practices that regulate how an organization manages, protects, and distributes information.

  15. 1. Security Policy • The policy is organized into subjects and objects. • Subjects act upon objects • Subjects – processes and users. • Objects – data, directories, hardware, applications • A well defined access control model determines if a subject can be permitted access to an object.
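
As an added illustration of slides 7, 8 and 15 (not part of the original presentation): a minimal reference monitor in Python that decides whether a subject may access an object using Unix user/group/other mode bits and records each decision in an audit trail. The class and field names and the sample users and paths are constructed for this example, and the superuser bypass of a real kernel is left out.

```python
from dataclasses import dataclass, field

# Permission bits within one rwx triplet of a Unix mode.
READ, WRITE, EXECUTE = 4, 2, 1


@dataclass(frozen=True)
class Subject:
    """A user or process acting on objects (constructed model)."""
    name: str
    uid: int
    gids: frozenset


@dataclass(frozen=True)
class Obj:
    """A protected object such as a file or directory (constructed model)."""
    path: str
    owner_uid: int
    group_gid: int
    mode: int  # e.g. 0o640


@dataclass
class ReferenceMonitor:
    audit_log: list = field(default_factory=list)

    def check(self, subject: Subject, obj: Obj, wanted: int) -> bool:
        # Exactly one class applies: owner first, then group, then other.
        # A subject matching an earlier class never falls through to a later one.
        if subject.uid == obj.owner_uid:
            cls, bits = "user", (obj.mode >> 6) & 7
        elif obj.group_gid in subject.gids:
            cls, bits = "group", (obj.mode >> 3) & 7
        else:
            cls, bits = "other", obj.mode & 7
        allowed = (bits & wanted) == wanted
        # Record every decision so each action can be traced to a subject.
        self.audit_log.append((subject.name, obj.path, cls, wanted, allowed))
        return allowed


# Constructed sample subjects and objects.
ALICE = Subject("alice", 1000, frozenset({1000, 50}))
BOB = Subject("bob", 1001, frozenset({1001, 50}))
EVE = Subject("eve", 1002, frozenset({1002}))
REPORT = Obj("/srv/reports/q3.txt", 1000, 50, 0o640)
LOCKED = Obj("/srv/reports/draft.txt", 1000, 50, 0o060)
```

With mode `0o060` the owner is denied even though she belongs to the owning group, because only the first matching class is consulted.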

  16. Security Policy • Top secret, secret, classified, non-classified • Need-to-know, job division, job rotation, NDA, etc.

  17. 2. Accountability • The responsibilities of all who come in contact with the system must be well defined. • Identification (… the process to identify a user) • Auditing (...accumulating and reviewing log information and all actions can be traced to a subject) • Organizational chart • Job description contract, AUP, NDA, SLA

  18. 3. Assurance • The reasonable expectation that the security policy of a trusted system has been implemented correctly and works as intended. • Assurance is organized into • Operational assurance • Life-cycle assurance

  19. 3a. Operational Assurance • Security policy is maintained in the overall design and operation of the system. • Example: Users of the system have an assurance that access controls are enforced

  20. 3b. Life-cycle Assurance • Ensuring the system continues to meet the security requirements over the lifetime of the system. • Updates to the software and hardware must be considered • The expectation that the system remains operational (is available) over its lifetime • Sustainability-cycle

  21. 4. Documentation Requirements • Security Features User's Guide • Trusted Facility Manual • Test Documentation • Design Documentation

  22. Documentation: Security Features User's Guide • Aimed at the ordinary (non-privileged) users. • General usage policy • Instructions on how to effectively use the system • Description of relevant security features

  23. Documentation: Trusted Facility Manual • Aimed at the S.A. Staff • How the system is configured and maintained • Includes the day-to-day required activities • Backups • Reviewing security logs

  24. Documentation: Test Documentation • Instructions on how to test the required security mechanisms

  25. Documentation: Design Documentation • Define the boundaries of the system • A complete description of the hardware and software. • Complete system design specifications • Description of access controls

  26. The Orange Book • The Orange book has been superseded by the Common Criteria
