slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Background PowerPoint Presentation
Download Presentation

Loading in 2 Seconds...

play fullscreen
1 / 13

Background - PowerPoint PPT Presentation

  • Uploaded on

Common Criteria Discussions CCSDS Security Working Group Spring 2008 Meeting 11-12 March 2008 Washington DC (Marriott Courtyard Crystal City, Virginia). Background. ISO 15408 – Common Criteria for Information Technology Security Evaluation International standard Security requirements

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Common Criteria DiscussionsCCSDS Security Working GroupSpring 2008 Meeting11-12 March 2008Washington DC(Marriott Courtyard Crystal City, Virginia)

  • ISO 15408 – Common Criteria for Information Technology Security Evaluation
    • International standard
    • Security requirements
    • Common evaluation methodology
    • Mutual evaluation recognition (25 countries)
  • Protection Profiles
    • Designed as an “acquisition” document
      • Desired security services
  • Security Targets
    • Designed as a vendor “technical delivery” specification
      • Documents the security services provided in a product with respect to a Protection Profile
type of pps already written
Type of PPs Already Written
  • Access control devices
  • Boundary protection devices/systems (aka firewalls)
  • Databases
  • Detection devices/systems (IDS)
  • ICs, Smart Cards, devices and systems
  • Key Management systems
  • Network and Network-related devices/systems
  • Operating systems
  • Other devices/systems (e.g., ATM, biometric, certificate issuing)
  • Digital Signature products
why common criteria
Why Common Criteria?
  • Advocate the use of PPs to specify (in standardized terms) the full extent of a system’s security requirements.
space pps
Space PPs
  • What would a space PP consist of?
    • Profiles of mission security requirements?
      • Formalization, in CC terms, of security requirements, by mission type, a la security architecture?
    • PPs for space ‘unique’ systems, e.g.,
      • C&DH/command & control
      • Solid state recorders
      • Shared bus
      • Others?
example cash machine 1
Example – Cash Machine1

This Protection Profile has been developed to specify the requirements in terms of functionalities and levels of assurance applicable to ACDs/ATMs.

Many transactions can be carried out via an ACD/ATM. The target has therefore been deliberately restricted to matters connected with the use of a card, the identification of the cardholder (the confidentiality of the PIN, etc) and the dispensing of cash (the integrity of the interfaces with the server, etc).

  • The target of evaluation comprises:
  • a central processing unit (the “brain” which conditions or coordinates its overall operation),
  • a cash dispenser (a hardware device for taking banknotes from cash cassettes and
  • delivering them to the cardholder),
  • a card reader (for smart cards and possibly stripe cards),
  • an input device for the cardholder to use (subsequently termed the “keypad”).
  • The Protection Profile relates mainly to interchanges between these various components,
  • which are normally grouped together within a single hardware enclosure (see the
  • diagram above), but any other architecture may be considered.

1Bull, Dassault, Diebold, NCR, Siemens Nixdorf, Wang Global

  • Does this make sense?
  • Should we attempt to do this?
  • Will anyone use it – or even care about it?
  • Do the National Space Agencies use the Common Criteria – or should they?
    • US requires FISMA (Federal Information Security Management Act)
      • NIST Federal Information Processing standards
      • No mention of CC evaluated products
    • What about everyone else?
example us federal aviation administration faa
Example: US Federal Aviation Administration (FAA)
  • FAA has developed a Protection Profile library of templates
  • Three PP classes (characteristics) resulting in 18 different PPs
    • Mission:
      • Mission critical National Airspace System (NAS)
      • Mission support/administrative
    • Technology and Security Enclave:
      • Wide area network
      • Local area network/facility communications
      • Applications system
    • Risk:
      • High risk/critical system
      • Moderate risk/essential system
      • Low risk/routine system
  • FAA PP Library Link
national airspace system nas
National Airspace System (NAS)
  • NAS is very much akin to a distributed mission control center
  • From the FAA PP for high risk WAN:
    • The TOE is a high risk WANthat will operate within the U.S. National Airspace System (NAS). The NAS is defined as “the common network of U.S. airspace; air navigation facilities, equipment and services; airports or landing areas; aeronautical charts, information and services; rules, regulations and procedures; technical information; and manpower and material. The NAS encompasses everything and everyone providing FAA-regulated flight operations support services to aviators in airspace for which the United States has jurisdiction or responsibility. Included are system components shared jointly with the military. The NAS is an evolving system of technologies, procedures, and people intended to meet the needs of NAS users and service providers. In short, the NAS is a system of systems that executes a safety-critical mission on a 7x24 basis nationwide.
example faa pp assets sensitivities
Example:FAA PP Assets & Sensitivities

Key: NR - not rated, public information

SBU - sensitive but unclassified

FOUO - for official use only

SSI - security sensitive information

way forward
Way Forward?
  • Write a space system Protection Profile?
    • What program/system?
    • Should we/can we write a “system” PP?
      • ISS
      • Constellation
      • ATV
      • Planetary explorer
      • Near-earth explorer
      • Meteorological
      • Other?
    • Or should we write a PP to cover a segment of a system?
      • Mission control system
      • Launch control system
      • Public data dissemination system
      • Other?
  • If this is a good thing do we have volunteers?