
Common Criteria Evaluation and Validation Scheme Syed Naqvi S.Naqvi@rl.ac.uk XtreemOS Training Day


Presentation Transcript


  1. Common Criteria Evaluation and Validation Scheme Syed Naqvi S.Naqvi@rl.ac.uk XtreemOS Training Day

  2. Formal Security Evaluations
     • Independent (third-party) attestation of a developer's security claims against defined security evaluation criteria.
     • Evaluations result in an independent measure of assurance and therefore build confidence in security.
     • Secures the development process and yields a better product.
     • Comprehensive security solutions cannot be evaluated by simple examination!

  3. Evolution of Evaluation Criteria (timeline figure): TCSEC (1985); UK CLs (1989); German Criteria; French Criteria; ITSEC (1991); Canadian Criteria (1993); Federal Criteria Draft (1993); Dutch Criteria; Common Criteria v1.0 (1996), v2.0 (1998), v3.0 (2005); ISO/IEC 15408

  4. Common Criteria Purpose
     • From the User perspective:
       • A way to define Information Technology (IT) security requirements for IT products:
         • Hardware
         • Software
         • Combinations of the above
     • From the Developer/Vendor perspective:
       • A way to describe the security capabilities of their specific product
     • From the Evaluator/Scheme perspective:
       • A tool to measure the belief we may attain about the security characteristics of a product.

  5. Common Criteria Terminology
     • PP : Protection Profile. Contains a set of Functional and Assurance requirements for a product or system, written to be implementation independent.
     • ST : Security Target. Contains the requirements that the specific product or system under evaluation conforms to, written to be implementation dependent.
     • TOE : Target of Evaluation. The product or system that is to be evaluated against the criteria detailed in the Security Target.
     • EAL : Evaluation Assurance Level. Each level specifies its own assurance requirements, and each builds on the level below it. CC defines EAL1 through EAL7, with EAL7 being the highest.
     • SOF : Strength of Function. A qualification of a TOE Security Function expressing the minimum effort assumed to be needed to defeat its security mechanisms.

  6. Common Criteria Model (figure). Source: Helmut Kurth, How Useful are Product Security Certifications for Users of the Product, June 2005

  7. Evaluation Assurance Levels
     • EAL1: Functionally tested
     • EAL2: Structurally tested
     • EAL3: Methodically tested and checked
     • EAL4: Methodically designed, tested, and reviewed
     • EAL5: Semi-formally designed and tested
     • EAL6: Semi-formally verified design and tested
     • EAL7: Formally verified design and tested

  8. CC Evaluation Example

  9. Target of Evaluation (TOE)

  10. Evaluated Configuration

  11. Evaluated Configuration

  12. Security Environment

  13. Security Objectives

  14. Security Objectives

  15. Security Requirements
     • Security Functional Requirements
       Class FAU: Security Audit
       Class FCO: Communication
       Class FCS: Cryptographic Support
       Class FDP: User Data Protection
       Class FIA: Identification & Authentication
       Class FMT: Security Management
       Class FPR: Privacy
       Class FPT: Protection of the TSF
       Class FRU: Resource Utilization
       Class FTA: TOE Access
       Class FTP: Trusted Path/Channels
     • Security Assurance Requirements
       Class ACM: Configuration Management
       Class ADO: Delivery & Operation
       Class ADV: Development
       Class AGD: Guidance Documents
       Class ALC: Life Cycle Support
       Class ATE: Tests
       Class AVA: Vulnerability Assessment

  16. Functional Requirements

  17. Functional Requirements

  18. Functional Requirements

  19. Assurance Requirements

  20. Assurance Requirements

  21. Assurance Requirements

  22. Security Rationale

  23. Security Objectives Rationale

  24. Security Objectives Rationale

  25. Security Requirements Rationale

  26. Security Requirements Rationale

  27. Dependencies

  28. Thank you Syed Naqvi, CoreGRID Research Fellow, E-Science Systems Research Department, CCLRC Rutherford Appleton Laboratory, UK S.Naqvi@rl.ac.uk
