1 / 8

Mapping TCSEC to Common Criteria

Mapping TCSEC to Common Criteria. Common Criteria Accreditation Process. Obtain Protection Profile Refine Protection Profile to create Security Target Security Target Accreditation. Protection Profile (PP).

willow-burton
Download Presentation

Mapping TCSEC to Common Criteria

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mapping TCSEC to Common Criteria

  2. Common Criteria Accreditation Process • Obtain Protection Profile • Refine Protection Profile to create Security Target • Security Target Accreditation

  3. Protection Profile (PP) • Required for accreditation or re-accreditation of systems to meet new Common Criteria standard • PP defines mandatory requirements with flexible implementation

  4. Protection Profile to Security Target Protection Profile: The TSF shall generate an alarm to the authorized administrator if the audit trail exceeds [assignment: pre-defined limit] Security Target: The TSF shall generate an alarm to the authorized administrator if the audit trail exceeds 10mb.

  5. TOE Protection Profile TOE: General class of systems that the Protection Profile refers to. Security Target TOE: A specifically defined system

  6. Mapping C2 accreditedation to Common Criteria • Obtain NIAP certified Protection Profile (CAPP 1.d) from http://csrc.ncsl.nist.gov/cc • Apply Protection Profile to system • Refinement of Protection Profile creates Security Target • Insert Security Target into DITSCAP process

  7. Mapping B1 accreditation to Common Criteria • Primary difference is Protection Profile • LSPP 1.b • More requirements than CAPP 1.d

  8. Justin Townsend townseju@cnrf.nola.navy.mil

More Related