Jose Emilio Rico
Epoche & Espri
[email protected]
Single Site Security Target: How to
Agenda
Site certification
Current methodology and well-known SAR (ALC) issues in CC
The manufacturing model
The Site Certification process
Single SST template
Conclusions
September 2013
14 ICCC Orlando
2
Site Certification
Purpose
o Reusability of results leads to a significant reduction in time and cost.
o Marketing: developer image.
o A certification of the manufacturing process.
o Available from EAL3.
CC & CEM do not help much in some aspects of ALC.
Let's have a look...
Current methodology
CC part 3 & CEM
Site Certification Supporting Document
JIL Minimum DVS requirements for high assurance
Well-known SAR (ALC) issues in CC.
When analyzing the ALC role in CC we found:
The broken link between SPD & SARs
o Mapping TOE security capabilities to properties of
the security architecture (ADV_ARC).
o Mapping desirable security properties of the
development process and sites to assurance life
cycle capabilities (ALC).
o Mapping AVA_VAN attack potential methodology to
security in the development environment.
Well-known SAR (ALC) issues in CC.
When analyzing the ALC role in CC we found:
Vague information and references to the development
process characteristics in the ST.
Well-known SAR (ALC) issues in CC.
When analyzing the ALC role in CC we found:
Minimum requirements for the development sites [ALC_DVS.1-1]:
The evaluator determines what is necessary by first
referring to the ST for any information that may assist in the
determination of necessary protection. If no explicit
information is available from the ST the evaluator will
need to make a determination of the necessary
measures.
The manufacturing model
Site Certification process
Site evaluation: AST (SST evaluation), ALC evaluation, ETR
How to reuse ALC in a later TOE evaluation
o The TOE-ST defines the scope of the development
environment by claiming the ALC requirements.
o No changes have been made to the certified
development environment.
o If the site certificate fulfils all ALC-related SARs of the
TOE-ST, no additional evaluation effort is
necessary in the TOE evaluation concerning ALC.
Single SST template
Site Security Target content:
1. Introduction
2. Conformance Claim
3. Security Problem Definition
4. Security Objectives for the development environment
5. Extended Components Definition
6. Security Requirements
7. Site Summary Specification
Single SST template
Elements common to every single SST:
o Security problem based on risk analysis
o Security objectives for the Site
o ALC SARs: ALC_CMS.1, ALC_CMC.3, ALC_DVS.1
Site-specific elements:
o Implementation of the selected SARs
Single SST template
Security problem based on risk analysis: Assets
Single SST template
Security problem based on risk analysis: Agents
o Insider with rights
o Insider without any rights
o Outsider with rights
o Outsider without any rights
Single SST template
Security problem based on risk analysis: Threats
Single SST template
Security problem: OSPs
Single SST template
Security problem: Assumptions.
No assumption should be included that exempts the
developer from meeting the ALC requirements.
If assumptions are needed, they:
o Should be outside the sphere of influence of the
developer.
o Should be requirements on the final customer:
security, CMC for maintenance, etc.
Single SST template
Security Objectives of the Site vs. Threats (I).
Single SST template
Security Objectives of the Site vs. Threats (II).
Single SST template
Security Objectives of the Site vs. OSPs.
Single SST template
Security Assurance Requirements to meet Site objectives. Configuration Management System.
Single SST template
Security Assurance Requirements to meet Site objectives. Developer security (I).
Single SST template
Security Assurance Requirements to meet Site objectives. Developer security (II).
Single SST template
Security Assurance Requirements to meet Site objectives. Life cycle model.
Single SST template
Security Assurance Requirements. Application Notes.
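The template slides above walk through one chain: a security problem built from assets, the four threat-agent categories, threats, OSPs and assumptions; site objectives countering the threats and OSPs; and ALC SARs implementing the objectives. The following added example (not the presentation's template nor any Epoche & Espri material) models that chain and runs the traceability checks a site evaluator applies to the SST rationale, including the slide's rule that no assumption may relieve the developer of an ALC requirement. Every asset, threat, objective and assumption name is a constructed placeholder.

```python
"""Traceability check for a single-site Security Target (SST) rationale.

Added example, not material from the presentation. It models the SST structure
described on the slides and checks that every threat and OSP is addressed by a
site objective, every objective is implemented by a SAR, and no assumption is
placed on the developer. Names used in example_sst() are constructed placeholders.
"""
from dataclasses import dataclass

# Threat-agent categories named in the presentation.
AGENTS = frozenset({"insider with rights", "insider without any rights",
                    "outsider with rights", "outsider without any rights"})


@dataclass(frozen=True)
class Threat:
    name: str
    agent: str       # one of AGENTS
    asset: str       # the asset at risk


@dataclass
class SST:
    assets: set          # asset ids
    threats: list        # [Threat]
    osps: set            # organisational security policy ids
    assumptions: dict    # assumption id -> party expected to fulfil it
    objectives: dict     # objective id -> {threat / OSP ids it addresses}
    sars: dict           # SAR id -> {objective ids it implements}


def check_sst(sst: SST) -> list:
    """Return a list of findings; an empty list means the rationale is complete."""
    findings = []
    known = {t.name for t in sst.threats} | sst.osps
    addressed = set().union(*sst.objectives.values()) if sst.objectives else set()
    met = set().union(*sst.sars.values()) if sst.sars else set()

    for t in sst.threats:
        if t.agent not in AGENTS:
            findings.append(f"{t.name}: agent '{t.agent}' is not one of the four categories")
        if t.asset not in sst.assets:
            findings.append(f"{t.name}: asset '{t.asset}' is not in the asset list")
        if t.name not in addressed:
            findings.append(f"{t.name}: not countered by any site objective")
    for p in sst.osps:
        if p not in addressed:
            findings.append(f"{p}: OSP not enforced by any site objective")
    for o, targets in sst.objectives.items():
        for x in targets - known:
            findings.append(f"{o}: addresses unknown threat/OSP '{x}'")
        if o not in met:
            findings.append(f"{o}: not implemented by any SAR")
    for s, objs in sst.sars.items():
        for x in objs - set(sst.objectives):
            findings.append(f"{s}: implements unknown objective '{x}'")
    # Slide rule: no assumption may exempt the developer from an ALC requirement.
    for a, party in sst.assumptions.items():
        if party == "developer":
            findings.append(f"{a}: assumption placed on the developer, must lie outside its influence")
    return findings


def example_sst() -> SST:
    """Constructed sample site; all names are placeholders, not a real SST."""
    return SST(
        assets={"source_code", "signing_keys"},
        threats=[
            Threat("T.Theft", "outsider without any rights", "source_code"),
            Threat("T.Leak", "insider with rights", "signing_keys"),
            Threat("T.Tamper", "insider without any rights", "source_code"),
        ],
        osps={"P.AccessLog"},
        assumptions={"A.CustomerCM": "final customer"},   # outside developer's influence
        objectives={
            "O.PhysicalAccess": {"T.Theft", "T.Tamper"},
            "O.KeyHandling": {"T.Leak"},
            "O.Logging": {"P.AccessLog"},
        },
        sars={   # the three ALC SARs listed on the slides
            "ALC_DVS.1": {"O.PhysicalAccess", "O.KeyHandling", "O.Logging"},
            "ALC_CMC.3": {"O.PhysicalAccess"},
            "ALC_CMS.1": set(),
        },
    )


if __name__ == "__main__":
    for line in check_sst(example_sst()) or ["rationale complete"]:
        print(line)
```

The check mirrors the SST rationale tables (objectives vs. threats, objectives vs. OSPs, SARs vs. objectives): each gap it reports is a row an evaluator would ask the developer to fill before the site evaluation proceeds.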
Single SST template
Site Summary Specification (SSS)
o Identify the evidence needed for the Site to meet the
SARs and describe how the Site meets them.
o ALC_DVS: how the Site fulfils the attack potential claimed.
o The SSS has to describe WHAT, not HOW.
o A sanitized version of the SST omits the SSS.
Single SST template
Site Summary Specification (SSS). Attack potential.
o Attack potential calculation.
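The SSS must show that the site's protection measures resist attackers of the attack potential claimed under ALC_DVS. The added example below (not from the presentation) implements the attack-potential calculation of Annex B of CEM v3.1 as the editor recalls it, with the factor values and rating bands transcribed from memory, so confirm them against the CEM edition your scheme applies. It rates constructed site attack scenarios, one per threat-agent category where useful, and reports whether the weakest one still exceeds the claimed potential.

```python
"""Attack-potential rating for site protection scenarios (ALC_DVS in the SSS).

Added example, not the presentation's material. Factor values and rating bands
follow the attack-potential calculation in Annex B of CEM v3.1 as recalled by
the editor; verify against your scheme's CEM edition. Scenarios are constructed.
"""

# Points per factor (CEM v3.1 Annex B, as recalled).
ELAPSED_TIME = {"<=1 day": 0, "<=1 week": 1, "<=2 weeks": 2, "<=1 month": 4,
                "<=2 months": 7, "<=3 months": 10, "<=4 months": 13,
                "<=5 months": 15, "<=6 months": 17, ">6 months": 19}
EXPERTISE = {"layman": 0, "proficient": 3, "expert": 6, "multiple experts": 8}
KNOWLEDGE = {"public": 0, "restricted": 3, "sensitive": 7, "critical": 11}
WINDOW = {"unnecessary/unlimited": 0, "easy": 1, "moderate": 4, "difficult": 10}
EQUIPMENT = {"standard": 0, "specialised": 4, "bespoke": 7, "multiple bespoke": 9}

# (lower bound, attack potential required, resistant to attackers with, AVA_VAN level)
BANDS = [(25, "Beyond High", "High", "AVA_VAN.5"),
         (20, "High", "Moderate", "AVA_VAN.4"),
         (14, "Moderate", "Enhanced-Basic", "AVA_VAN.3"),
         (10, "Enhanced-Basic", "Basic", "AVA_VAN.1/2"),
         (0, "Basic", "No rating", None)]
RESISTANCE_ORDER = ["No rating", "Basic", "Enhanced-Basic", "Moderate", "High"]


def score(elapsed, expertise, knowledge, window, equipment) -> int:
    """Sum the five factor values; a scenario with no window of opportunity is infeasible."""
    if window == "none":
        raise ValueError("no window of opportunity: scenario is not exploitable")
    return (ELAPSED_TIME[elapsed] + EXPERTISE[expertise] + KNOWLEDGE[knowledge]
            + WINDOW[window] + EQUIPMENT[equipment])


def rate(points: int) -> dict:
    """Map a point total to the CEM rating band."""
    for lower, required, resists, van in BANDS:
        if points >= lower:
            return {"points": points, "required": required, "resists": resists, "van": van}
    raise ValueError("negative score")


def site_resists(points: int, claimed: str) -> bool:
    """True if a scenario needing `points` still resists the claimed attacker potential."""
    return RESISTANCE_ORDER.index(rate(points)["resists"]) >= RESISTANCE_ORDER.index(claimed)


def weakest_scenario(scenarios: dict) -> tuple:
    """Rate every scenario and return (name, rating) for the cheapest one."""
    rated = [(name, rate(score(*factors))) for name, factors in scenarios.items()]
    return min(rated, key=lambda r: r[1]["points"])


# Constructed scenarios against a site's measures, keyed by agent category.
# Factor order: elapsed time, expertise, knowledge, window, equipment.
SCENARIOS = {
    "insider with rights / code repository": ("<=1 day", "proficient", "sensitive", "easy", "standard"),
    "outsider without any rights / after hours": ("<=2 weeks", "expert", "restricted", "difficult", "specialised"),
}


def assess_site(scenarios: dict, claimed: str) -> dict:
    """Summarise whether the site meets the claimed resistance across all scenarios."""
    name, rating = weakest_scenario(scenarios)
    return {"weakest": name, "points": rating["points"],
            "resists": rating["resists"], "meets_claim": site_resists(rating["points"], claimed)}


if __name__ == "__main__":
    print(assess_site(SCENARIOS, claimed="Moderate"))
```

For ALC_DVS the useful output is the weakest scenario: it names the measure the SSS has to strengthen or justify before the site can claim resistance at the level the TOE's AVA_VAN component requires.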
Conclusions - 1st
Site certification
o Reusability: same area, same procedures.
o Significant reduction of time and cost.
o Marketing.
Conclusions - 2nd
The Single SST template:
o May be derived into a PP with the common aspects,
helping to define a set of minimum requirements
for medium assurance (e.g. EAL3 & EAL4).
o May be extended to cover multiple sites in a supply
chain, including secure delivery. Main add-ons:
security measures for transfers between sites and
acceptance procedures.
Jose Emilio Rico
[email protected]
Epoche & Espri, S.L.U.
Avda. de la Vega, 1
28108, Alcobendas, Madrid
Spain
Tel: +34 914-902-900
FAX: +34 916-625-344

Epoche & Espri Corporation
4000 Legato Road, Suite 1100
Fairfax, VA 22033
USA
Tel: +1 888-877-9506
FAX: +1 703-227-7189