
Official levels of Computer Security

Official levels of Computer Security. United States Government Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC), the “Orange Book”. Requirements: specific security requirements and assurance requirements. TCSEC / Orange Book: 4 divisions (A, B, C, D).

arden-burke

Presentation Transcript


  1. Official levels of Computer Security
     • United States Government Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) – “Orange Book”
     • Requirements:
       – Specific security requirements
       – Assurance requirements

  2. TCSEC / Orange Book
     • 4 divisions – A, B, C, D
     • Specifies evaluation classes (D, C1, C2, B1, B2, B3, A1)
     • Specifies functionality and assurance requirements for each class
     • Each class defines 4 requirements
       – Policy
       – Accountability
       – Assurance
       – Documentation

  3. TCSEC Classes
     • D – Minimal Protection
     • C1 – Discretionary Security Protection
       – Identification and authentication and DAC
       – Users processing data at common sensitivity level, separates users from data
       – Minimal assurance, may be based on features, not evaluation
     • C2 – Controlled access protection
       – Adds object reuse and auditing
       – More testing requirements
       – Windows NT 3.5 evaluated C2

  4. TCSEC Classes
     • B1 – Labelled Security Protection
       – Adds MAC for some objects
       – Controlled objects “labeled”, access control based on these
       – Stronger testing requirements. Information model of security policy. Bell-LaPadula model.
       – Trusted Unix tended to be B1
     • B2 – Structured protection
       – MAC for all objects, including devices
       – Design and implementation must enable thorough testing & review
       – “well-defined largely independent modules”
       – Trusted Path. Least privilege.
       – Covert channel analysis, configuration management, more documentation, formal model of security policy

  5. TCSEC Classes
     • B3 – Security Domains
       – Requirements on code modularity, layering, simplicity
       – Argument (short of proof) that implementation meets design specifications
       – Tamper-proof implementation
       – More stringent testing and documentation
       – XTS-200/STOP
     • A1 – Verified protection
       – Same functional requirements as B3
       – Five criteria:
         – Formal model of protection and proofs of consistency/adequacy
         – Formal specification for protection system
         – Demonstration that specification corresponds to model of protection
         – “Proof” that implementation is consistent with specification
         – Formal analysis of covert channel
       – Existence proof: Honeywell’s SCOMP

  6. Trusted Computing Base
     • Trusted Computing Base – Hardware and software for enforcing security rules
     • Reference monitor
       – Part of TCB
       – All system calls go through reference monitor for security checking
       – Most OS not designed this way

  7. Security Breaches
     • Interception
     • Interruption
     • Modification
     • Fabrication
     Security Hole – Software & hardware vulnerability
     • Holes that allow DoS
     • Holes that allow local users unauthorized access
     • Holes that allow remote users unauthorized access

  8. Other types:
     • FTP
     • Gopher
     • Telnet
     • Sendmail
     • ARP
     • Portmap
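
The reference monitor on slide 6 and the class features on slides 3 and 4 (DAC at C1, auditing at C2, labels and Bell-LaPadula MAC at B1) can be combined in one small sketch. This is an added example, not part of the original presentation; the level names, subjects, objects and the `ReferenceMonitor` class are assumptions made up for illustration.

```python
from dataclasses import dataclass, field

# Constructed sensitivity levels for this sketch; a higher number is more sensitive.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass
class Subject:
    name: str
    clearance: str

@dataclass
class Obj:
    name: str
    label: str                                # MAC label (B1: controlled objects are labeled)
    acl: dict = field(default_factory=dict)   # DAC: subject name -> set of allowed modes

class ReferenceMonitor:
    """Single choke point: every access request is checked and audited here."""
    def __init__(self):
        self.audit_log = []                   # C2 adds auditing

    def check(self, subj, obj, mode):
        s, o = LEVELS[subj.clearance], LEVELS[obj.label]
        if mode == "read":
            mac_ok = s >= o                   # Bell-LaPadula simple security: no read up
        elif mode == "write":
            mac_ok = s <= o                   # Bell-LaPadula *-property: no write down
        else:
            mac_ok = False                    # unknown modes fail closed
        dac_ok = mode in obj.acl.get(subj.name, set())
        allowed = mac_ok and dac_ok           # both policies must grant the request
        reason = "ok" if allowed else ("mac" if not mac_ok else "dac")
        self.audit_log.append((subj.name, obj.name, mode, allowed, reason))
        return allowed

def demo():
    # Constructed subjects and objects, not taken from the presentation.
    rm = ReferenceMonitor()
    alice = Subject("alice", "secret")
    bob = Subject("bob", "confidential")
    plan = Obj("plan", "secret", {"alice": {"read", "write"}, "bob": {"read"}})
    memo = Obj("memo", "confidential", {"alice": {"read", "write"}, "bob": {"write"}})
    return rm, [
        rm.check(alice, plan, "read"),    # same level and ACL grants
        rm.check(bob, plan, "read"),      # ACL grants, but read up is denied by MAC
        rm.check(alice, memo, "write"),   # ACL grants, but write down is denied by MAC
        rm.check(bob, memo, "read"),      # MAC allows, ACL lacks read: denied by DAC
        rm.check(bob, plan, "write"),     # write up passes MAC, ACL lacks write
    ]
```

The second and third requests show why MAC is not redundant with DAC: the object's owner has granted the access in the ACL, and the label check still refuses it.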
