Trusted OS Design CS461/ECE422
1 Trusted OS Design CS461/ECE422
2 Reading Material
- Section 5.4 of Security in Computing
3 Overview
- Design Principles
- Security Features
- Kernelized Design
- Virtualization
4 Design Principles
- Simplicity
  - Less to go wrong
  - Fewer possible inconsistencies
  - Easy to understand
- Restriction
  - Minimize access
  - Inhibit communication
- Saltzer and Schroeder 75
5 Economy of Mechanism
- Keep the design as simple and small as possible
- Simpler means less can go wrong
  - And when errors occur, they are easier to understand and fix
- Interfaces and interactions
6 Fail-Safe Defaults
- Base access decisions on permission rather than exclusion
- Burden of proof is on the principal seeking permission
- If the protection system fails, then legitimate access is denied but illegitimate access is also denied
7 Complete Mediation
- Every access to every object must be checked for authority
- Usually done once, on first action
  - UNIX: access checked on open, not checked thereafter
- If permissions change after, may get unauthorized access
- Proposals to gain performance by remembering the result of an authority check should be examined skeptically
8 Open Design
- The design should not be secret
- Do not depend on secrecy of design or implementation
  - Popularly misunderstood to mean that source code should be public
  - Security through obscurity
- Does not apply to information such as passwords or cryptographic keys
9 Separation of Privilege
- Where feasible, a protection mechanism that requires two keys to unlock it is more robust and flexible than one that allows access to the presenter of only a single key.
- Require multiple conditions to grant privilege
  - Separation of duty
  - Defense in depth
10 Least Privilege
- Every program and every user of the system should operate using the least set of privileges necessary to complete the job
- A subject should be given only those privileges necessary to complete its task
  - Function, not identity, controls
  - Rights added as needed, discarded after use
  - Minimal protection domain
11 Least Common Mechanism
- Minimize the amount of mechanism common to more than one user and depended on by all users
- Mechanisms should not be shared
  - Information can flow along shared channels
  - Covert channels
- Isolation
  - Virtual machines
  - Sandboxes
12 Psychological Acceptability
- It is essential that the human interface be designed for ease of use so that users routinely and automatically accept the protection mechanisms correctly
- Security mechanisms should not add to difficulty of accessing resource
  - Hide complexity introduced by security mechanisms
  - Ease of installation, configuration, use
  - Human factors critical here
13 Security Features
- Identification and Authentication
- MAC vs DAC
- Object Reuse Protection
  - Prevent leaks via reallocation
  - Clean before re-use
14 More Security Features
- Complete Mediation
  - Mediate all means of access
  - File access plus direct memory access if possible
  - Mediate on each access, not generally done for files
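The open-time check described on the two Complete Mediation slides, as an added C example that is not part of the original lecture. The names `demo_open_time_check` and `mediated_read` and the sample record are constructed for illustration; `mediated_read` is a simplified user-space stand-in for per-access mediation that only looks at the owner-read bit.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed sample data standing in for a protected file's contents. */
static const char SECRET[] = "constructed sample record\n";

struct mediation_result {
    ssize_t read_after_revoke; /* bytes read via the descriptor opened before the revoke */
    int     reopen_errno;      /* errno of a fresh open() after the revoke, 0 if it succeeded */
    ssize_t read_with_recheck; /* result when authority is re-validated on every read */
};

/* Hypothetical helper: re-check authority on each access instead of trusting
 * the decision cached in the descriptor. Simplification: it consults only the
 * owner-read bit and leaves a small window between fstat() and pread(); a real
 * reference monitor would do the check and the access atomically in the kernel. */
static ssize_t mediated_read(int fd, void *buf, size_t len, off_t off)
{
    struct stat st;

    if (fstat(fd, &st) != 0)
        return -1;
    if ((st.st_mode & S_IRUSR) == 0) {
        errno = EACCES;
        return -1;
    }
    return pread(fd, buf, len, off);
}

struct mediation_result demo_open_time_check(void)
{
    struct mediation_result r = { -1, 0, 0 };
    char path[] = "/tmp/mediation-demo-XXXXXX";
    char buf[64];
    size_t len = sizeof SECRET - 1;
    int fd, fd2;

    fd = mkstemp(path);                 /* created with mode 0600, opened read/write */
    if (fd < 0)
        return r;
    if (write(fd, SECRET, len) != (ssize_t)len || fchmod(fd, 0) != 0) {
        close(fd);                      /* fchmod(fd, 0) above revokes every permission bit */
        unlink(path);
        return r;
    }

    /* 1. The descriptor obtained before the revoke still works: the kernel
     *    checked permissions at open() and does not check again on read. */
    r.read_after_revoke = pread(fd, buf, sizeof buf, 0);

    /* 2. A new open() is mediated against the current mode bits. An
     *    unprivileged process gets EACCES; root bypasses DAC and succeeds. */
    fd2 = open(path, O_RDONLY);
    if (fd2 < 0)
        r.reopen_errno = errno;
    else
        close(fd2);

    /* 3. Re-validating on each access notices the revoke and refuses. */
    r.read_with_recheck = mediated_read(fd, buf, sizeof buf, 0);

    close(fd);
    unlink(path);
    return r;
}

int main(void)
{
    struct mediation_result r = demo_open_time_check();

    printf("read via old descriptor after chmod 000: %zd bytes\n", r.read_after_revoke);
    printf("fresh open() after chmod 000: errno=%d\n", r.reopen_errno);
    printf("read with per-access re-check: %zd\n", r.read_with_recheck);
    return 0;
}
```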
15 More Security Features
- Trusted Path
  - Give end user means to determine they are really talking with OS
  - Secure Attention Key (SAK): key sequence that cannot be intercepted by non-OS
    - Ctl-Alt-Del in Windows
  - Rootkit
  - Or security relevant changes only made during system boot
  - What about networked applications?
16 More Security Features
- Audit
  - Must be able to review and recreate security relevant changes
  - Must protect log
  - Log growth
    - Originally assumed security officer would review directly
    - Can be used for backing evidence
    - Really want to detect anomalies
  - Intrusion detection
17 Kernelized design
- Contain security feature implementation in a security kernel
  - Coverage
  - Separation
  - Unity
  - Modifiability
  - Compactness
  - Verifiability
- (Figure labels: User Space, OS Kernel, Security Kernel)
18 Reference Monitor
- Reference Monitor: abstract machine that mediates all access to objects by subjects
- Reference Validation Mechanism (RVM): implementation of a Reference Monitor
  - Tamper-proof
  - Well defined
  - Never bypassed
  - Small enough for analysis and testing
19 Trusted Computing Base (TCB)
- Includes all protection mechanisms including HW, firmware, and software responsible for enforcing the security policy
- Strong boundary around the TCB is critical
  - Any code trusted by element of TCB must be part of TCB too.
  - If portion of TCB is corrupted, must consider that all of the TCB can be corrupted
20 TCB Components
- TCB can include
  - Hardware
  - Primitive files
    - Authentication info
    - Access Control info
  - Protected Memory
    - For Reference Monitor Execution
  - Some inter-process communication
21 TCB/non-TCB Function Split
22 TCB Implementation
- Ideally TCB a separate security kernel
  - e.g. SCOMP, 10K lines of code in security kernel
- Generally not feasible for retrofitted kernel
  - Most all trusted Unix variants
  - Security relevant functionality distributed through OS kernel
23 Virtualization
- Can design virtualization layer to separate multiple users
  - Memory virtualization
    - As exemplified by IBM MVS
  - Virtual machines
    - Book discusses IBM PR/SM
    - More recently exemplified in VMWare and XEN
- Malicious program could not access other virtual memory space or machine
  - Unless they attack virtualization mechanism
24 Memory Virtualization
25 Machine Virtualization
26 Key Points
- Principles of secure design underlie all security-related mechanisms
- Require:
  - Good understanding of goal of mechanism and environment in which it is to be used
  - Careful analysis and design
  - Careful implementation
27 Evaluating Systems
Information Assurance CS461/ECE422
28 Reading Material
- Chapter 5.5 of Security in Computing
- The orange book and the whole rainbow series
- The common criteria
  - Lists all evaluated protection profiles and products
29 Outline
- Motivation for system evaluation
- Specific evaluation systems
  - TCSEC/Orange Book
  - Interim systems
  - Common Criteria
30 Evaluation Goals
- Oriented to purchaser/user of system
- Assurance that system operates as advertised
31 Evaluation Options
- Rely on vendor/developer evidence
  - Self-evaluate vendor design docs, test results, etc
  - Base on reputation of vendor
- Rely on an expert
  - Read product evaluations from trusted source
  - Penetration testing
32 Evaluation Options
- Formal Verification
- Validation
- Requirements checking
- Design and Code review
- System Testing
33 Formal Evaluation
- Provide a systematic framework for system evaluation
  - More consistent evaluation
  - Better basis for comparing similar product
- Trusted third party system for evaluation
- Originally driven by needs of government and military
34 TCSEC
- Trusted Computer System Evaluation Criteria (TCSEC), also called the Orange Book
- Specifies evaluation classes (D, C1, C2, B1, B2, B3, A1)
- Specifies functionality and assurance requirements for each class
- Functional Model builds on
  - BLP (Bell-LaPadula model, mandatory labelling)
  - Reference Monitors
35 TCSEC Functional Requirements
- DAC
- Object Reuse
  - Sufficient clearing of objects between uses in resource pool
  - E.g. zero pages in memory system
- MAC and Labels
- Identification and Authentication
- Audit
  - Requirements increase at higher classes
- Trusted Path
  - Non-spoofable means to interact with TCB
  - Ctl-Alt-Del in Windows
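Object reuse protection, as named on the Security Features slide and in the TCSEC requirement above, shown as an added C example that is not part of the original lecture. The page pool, its function names and the sample secret are constructed for illustration; the pool stands in for any shared resource pool whose objects pass from one subject to another.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POOL_PAGE_SIZE 64
#define POOL_PAGES     4

/* Constructed sample data written by the first owner of a page. */
static const char SAMPLE_SECRET[] = "constructed-secret-token";

struct page_pool {
    unsigned char mem[POOL_PAGES][POOL_PAGE_SIZE];
    int in_use[POOL_PAGES];
    int scrub_on_free;          /* 1 = clear objects between uses */
};

void pool_init(struct page_pool *p, int scrub_on_free)
{
    memset(p, 0, sizeof *p);
    p->scrub_on_free = scrub_on_free;
}

/* Hand out the first free page, exactly as the previous owner left it. */
unsigned char *pool_alloc(struct page_pool *p)
{
    for (int i = 0; i < POOL_PAGES; i++) {
        if (!p->in_use[i]) {
            p->in_use[i] = 1;
            return p->mem[i];
        }
    }
    return NULL;
}

/* Return a page to the pool. With scrubbing enabled the page is zeroed first;
 * the volatile pointer keeps the compiler from discarding the "dead" stores. */
void pool_free(struct page_pool *p, unsigned char *page)
{
    for (int i = 0; i < POOL_PAGES; i++) {
        if (p->mem[i] != page)
            continue;
        if (p->scrub_on_free) {
            volatile unsigned char *v = page;
            for (size_t n = 0; n < POOL_PAGE_SIZE; n++)
                v[n] = 0;
        }
        p->in_use[i] = 0;
        return;
    }
}

/* Subject A writes a secret and frees the page; subject B then allocates.
 * Returns how many non-zero bytes of A's data B can see in its "new" page. */
size_t residue_seen_by_next_owner(int scrub_on_free)
{
    struct page_pool pool;
    unsigned char *a, *b;
    size_t residue = 0;

    pool_init(&pool, scrub_on_free);

    a = pool_alloc(&pool);                        /* subject A */
    memcpy(a, SAMPLE_SECRET, sizeof SAMPLE_SECRET - 1);
    pool_free(&pool, a);

    b = pool_alloc(&pool);                        /* subject B gets the same page */
    for (size_t n = 0; n < POOL_PAGE_SIZE; n++)
        if (b[n] != 0)
            residue++;
    pool_free(&pool, b);
    return residue;
}

int main(void)
{
    printf("residual bytes without clearing: %zu\n", residue_seen_by_next_owner(0));
    printf("residual bytes with clearing:    %zu\n", residue_seen_by_next_owner(1));
    return 0;
}
```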
36 TCSEC Assurance Requirements
- Configuration Management
  - For TCB
- Trusted Distribution
  - Integrity of mapping between master and installations
- System Architecture
  - Small and modular
- Design Specification
  - Vary between classes
- Verification
  - Vary between classes
- Testing
- Product Documentation
37 TCSEC Classes
- D: Minimal Protection
- C1: Discretionary Protection
  - Identification and authentication and DAC
  - Users processing data at common sensitivity level, separates users from data
  - Minimal Assurance, may be based on features, not evaluation
- C2: Control access protection
  - Adds object reuse and auditing
  - More testing requirements
  - Windows NT 3.5 evaluated C2
38 TCSEC Classes
- B1: Labeled Security Protection
  - Adds MAC for some objects
    - Controlled objects labeled, access control based on these
  - Stronger testing requirements. Information model of security policy. Bell-LaPadula model.
  - Trusted Unixes tended to be B1
- B2: Structured protection
  - Design and implementation must enable thorough testing & review
    - Well-defined largely independent modules
  - MAC for all objects, including devices. Additional logging. Trusted Path. Least privilege.
  - Covert channel analysis, configuration management, more documentation, formal model of security policy
39 TCSEC Classes
- B3: Security Domains
  - Requirements on code modularity, layering, simplicity.
  - Argument (short of proof) that implementation meets design specifications
  - Tamper-proof implementation, highly resistant to penetration
  - More stringent testing and documentation.
- A1: Verified protection
  - Same functional requirements as B3
  - Five criteria
    - Formal model of protection and proofs of consistency/adequacy
    - Formal specification of protection system
    - Demonstration that specification corresponds to model of protection
    - Proof that implementation is consistent with specification
    - Formal analysis of covert channel
  - Existence proof: Honeywell's SCOMP
40 TCSEC Evaluation process
- Originally controlled by government
  - No fee to vendor
  - May reject evaluation application if product not of interest to government
- Later introduced fee-based evaluation labs
- Evaluation phases
  - Design analysis: no source code access
  - Test analysis
  - Final review
41 TCSEC Evaluation Issues
- Focused on operating systems
- Evaluating a specific configuration
  - E.g., Windows NT, no applications installed, no network
  - New patches, versions require re-certification
    - Ratings Maintenance Program introduced to ease recertifications
    - Incremental changes documented, re-evaluated
- Long time for evaluation
  - Sometimes product was obsolete before evaluation finished
- Criteria Creep
  - B1 means something more in 1999 than it did in
42 Interim Efforts in the 90s
- Canadian Trusted Computer Product Evaluation Criteria (CTCPEC)
- Information Technology Security Evaluation Criteria (ITSEC)
  - Western Europe
- Commercial International Security Requirements (CISR)
  - AmEx and EDS
- Federal Criteria
  - NSA and NIST
43 FIPS 140
- Federal Information Processing Standards
- Framework for evaluating Cryptographic Modules
- Still in Use
- Addresses
  - Functionality
  - Assurance
  - Physical security
- Level 1 - algorithm be FIPS approved, can run on COTS device
- Level 2 - physical security, role-based auth., s/w crypto in multiprocessors
- Level 3 - enhanced physical security.
- Level 4 - physical tamper detection/response.
- Level 3 and 4 devices may be used with suitably well criterianed OS
44 Common Criteria: 1998 to today
- Pulls together international evaluation efforts
  - Evaluations mean something between countries
- Three top level documents
  - Common Criteria Documents
    - Describe functional and assurance requirements. Defines Evaluation Assurance Levels (EALs)
  - CC Evaluation Methodology (CEM)
    - More details on the evaluation. Complete through EAL5 (at least)
  - Evaluation Scheme
    - National specific rules for how CC evals are performed in that country
    - Directed by NIST in US
45 CC Terminology
- Target of Evaluation (TOE)
  - The product being evaluated
- TOE Security Policy (TSP)
  - Rules that regulate how assets are managed, protected, and distributed in a product
- TOE Security Functions (TSF)
  - Implementation of the TSP (all hardware, software, firmware relied upon for the correct enforcement of TSP)
- CC evaluates protection profiles, and products/systems against a pre-defined (or user-defined) Evaluation Assurance Level (EAL)
46 Protection Profile (PP)
- Profile that describes the security requirements for a class of products
  - Implementation-independent, targets products or systems for specific consumer needs
  - Stated in terms of threats, environmental issues and assumptions, security objectives.
  - List of PPs
- Replaces the fixed set of classes from TCSEC
- ISSO created some initial profiles to match TCSEC classes
  - Controlled Access Protection Profile (CAPP) corresponds to C2
  - Labeled Security Protection Profile (LSPP) corresponds to B1
47 PP Format
- A PP has 6 sections
  - Introduction: PP identification, overview (narrative summary)
  - Product or System Family Description: type and general IT features. Context of use.
  - Product or System Family Security Environment: assumptions about use and environment. Threats requiring protection. Organization policies required.
  - Security Objectives: Two types. For product/system: trace objectives to specified threats and policies. For environment: traced to threats not countered by product or by assumptions about product.
  - IT Security Objectives: Functional (drawn from CC, or other). Security Assurance: based on an EAL
  - Rationale: Two parts. Objectives: trace stated objectives to all assumptions, threats, organizational policies. Requirements: show are traceable to objectives, and meet them.
48 Product Evaluation
- Define a security target (ST)
  - Structured very much like a PP, except with more implementation specificity
  - May leverage an evaluated protection profile
- Evaluated with respect to the ST
49 CC Functional Requirements
- Defined in a taxonomy
  - Top level 11 classes
    - E.g., FAU Security audit and FDP User Data Protection
  - Each class divided into families
    - E.g., FDP_ACC Access control policy
  - Each family divided into components
    - E.g., FDP_ACC.2 Complete access control
  - Each component contains requirements and dependencies on other requirements
50 CC Classes
- FAU: Security Audit
- FCO: Communication
  - Address non-repudiation
- FCS: Crypto support
  - Key management, other
- FDP: User Data Protection
  - Policies for access control, information flow.
- FIA: Identification and authorization
- FMT: Security management
  - Attributes, management of functions in TSF, revocation
- FPR: Privacy
  - Anonymity, unobservability
- FPT: Protection of Security Functions
  - Physical; many logical selftests, integrity checks
- FRU: Resource Utilization
  - Fault tolerance, priorities, allocation
- FTA: TOE Access
  - Concurrency, session locking, access banners
- FTP: Trusted path
51 CC Assurance Requirements
- Similar class, family, component taxonomy
- Eight product oriented assurance classes
  - ACM: Configuration Management
  - ADO: Delivery and Operation
  - ADV: Development
  - AGD: Guidance Documentation
  - ALC: Life Cycle
  - ATE: Tests
  - AVA: Vulnerability Analysis
  - AMA: Maintenance of Assurance
52 Evaluation Assurance Levels
- 7 fixed EALs
  - EAL1: Functionality Tested
  - EAL2: Structurally Tested
  - EAL3: Methodically tested and checked
    - Analogous to C2
  - EAL4: Methodically Designed, Tested, and Reviewed
  - EAL5: Semiformally Designed and Tested
  - EAL6: Semiformally Verified Design and Tested
  - EAL7: Formally Verified Design and Tested
53 CC Evaluation Process in US
- NIST provides accreditation of third party evaluation labs
- Vendor pays lab
- Lab works with oversight board
- Evaluate both PPs and Products
- List of evaluated products
54 Key Points
- Evaluation for the benefit of the customer
- Product Evaluations
  - Functional Requirements
  - Assurance Requirements
More informationLast time. User Authentication. Security Policies and Models. Beyond passwords Biometrics
Last time User Authentication Beyond passwords Biometrics Security Policies and Models Trusted Operating Systems and Software Military and Commercial Security Policies 9-1 This time Security Policies and
More informationCertification Report
Certification Report EAL 4+ Evaluation of WatchGuard and Fireware XTM Operating System v11.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationCC Part 3 and the CEM Security Assurance and Evaluation Methodology. Su-en Yek Australasian CC Scheme
CC Part 3 and the CEM Security Assurance and Evaluation Methodology Su-en Yek Australasian CC Scheme What This Tutorial Is An explanation of where Security Assurance Requirements fit in the CC evaluation
More informationCertification Report
Certification Report EAL 4+ Evaluation of Version 2.6 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Network Device collaborative Protection Profile Extended Package SIP Server 383-6-4 9 August 2017 Version 1.0 Government of Canada. This document is the property of
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationCS6501: Great Works in Computer Science
CS6501: Great Works in Computer Science Jan. 29th 2013 Longze Chen The Protection of Information in Computer Systems Jerome H. Saltzer and Michael D. Schroeder Jerry Saltzer Michael Schroeder 1 The Meaning
More informationCertification Report
Certification Report EAL 2+ Evaluation of Data ONTAP Version 7.2.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme
More informationCertification Report
Certification Report Symantec Security Information Manager 4.8.1 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More information- Table of Contents -
- Table of Contents - 1 INTRODUCTION... 1 1.1 OBJECTIVES OF THIS GUIDE... 1 1.2 ORGANIZATION OF THIS GUIDE... 2 1.3 COMMON CRITERIA STANDARDS DOCUMENTS... 3 1.4 TERMS AND DEFINITIONS... 5 2 BASIC KNOWLEDGE
More informationCertification Report
Certification Report EAL 2+ Evaluation of McAfee Deep Defender 1.0.1 and epolicy Orchestrator 4.6.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCertification Report
Certification Report EAL 2+ Evaluation of McAfee Enterprise Mobility Management 9.7 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme TM Validation Report for the Cisco Jabber 11.8 for Windows 10 Report Number: CCEVS-VR-10802-2017 Dated: 6/13/2017
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report Protection Profile for IPsec Virtual Private Network (VPN) Clients, Version 1.4, October 21
More informationCertification Report
Certification Report Security Intelligence Platform 4.0.5 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of
More informationCS 356 Lecture 7 Access Control. Spring 2013
CS 356 Lecture 7 Access Control Spring 2013 Review Chapter 1: Basic Concepts and Terminology Integrity, Confidentiality, Availability, Authentication, and Accountability Types of threats: active vs. passive,
More informationCertification Report
Certification Report EAL 2+ Evaluation of Fortinet FortiMail V3.0 MR5 Secure Messaging Platform Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCertification Report
Certification Report HP 3PAR StoreServ Storage Systems Version 3.2.1 MU3 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme
More informationL17: Assurance. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L17: Assurance Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 11/06/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are revised
More informationCertification Report
Certification Report EAL 4+ Evaluation of JUNOS-FIPS for SRX Series version 10.4R4 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationSterling Commerce, Inc. Connect:Direct with Secure+ Option. v4.5 on IBM OS/390 and z/os
Connect:Direct with Secure+ Option v4.5 on IBM OS/390 and z/os Document Version 0.1 Prepared for: 750 W. John Carpenter Freeway Irving, TX 75039 Prepared by: Corsec Security, Inc. 10340 Democracy Lane,
More informationBrocade Directors and Switches using Fabric OS v8.1.0
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme TM Validation Report Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 USA Brocade Directors
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report Standard Protection Profile for Enterprise Security Management Policy Management, Version 1.4,
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme TM Validation Report Cisco Systems, Inc. 170 West Tasman Drive, San Jose, CA 95134-1706 Cisco Catalyst 2K/3K
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT McAfee Data Loss Prevention 11.0 with epolicy Orchestrator 5.9.0 4 January 2018 383-4-429 Version 1.0 Government of Canada. This document is the property of the Government
More informationFIPS 140 & CC How do they get along
FIPS 140 & CC How do they get along Dawn Adams and Erin Connor EWA-Canada 22 September 2010 Overview Introduction FIPS 140 Overview Cryptography Under the CC CC SFRs in FIPS 140 The FCS Class FCS Logistics
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT EMC RecoverPoint v4.4 SP1 19 May 2016 FOREWORD This certification report is an UNCLASSIFIED publication, issued under the authority of the Chief, Communications Security
More informationDell EMC NetWorker 9.1
Dell EMC NetWorker 9.1 Evaluation Assurance Level (EAL): EAL2+ Doc No: 1986-000-D102 Version: 1.2 10 July 2017 EMC Corporation 176 South Street Hopkinton, MA, USA 01748 Prepared by: EWA-Canada 1223 Michael
More informationCertification Report
Certification Report Curtiss-Wright Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme Validation Report
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report TM Trusted Computing Group (TCG) Personal Computer (PC) Specific Trusted Building Block (TBB)
More information