TCSEC: The Orange Book


PowerPoint Slideshow about 'TCSEC: The Orange Book' - tad

Presentation Transcript
TCSEC Purpose
  • Establish best practices
    • Requirements for assessing the effectiveness of security controls
  • Measure computing resource security
    • Evaluate, classify, and select systems considered for computing resources

TCSEC: Purpose

  • Guidance – provides guidance on how to design a trusted computing system along with its associated data and services
  • Metrics – provides a metric (classification) for determining the level of trust assigned to a computing system.

Orange Book: Metrics

  • Measurement of a system's security is quantified using a classification system.
  • The Classes are:
    • D
    • C1 & C2
    • B1, B2, B3
    • A1
  • A is more secure than D
  • 2 is more secure than 1.

Orange Book: Metrics

  • The rating system is hierarchical
  • D applies to any system that fails to meet any of the higher level security classes.
  • The other levels have increasing security requirements.
  • A1 systems would be rare.
  • An A1 system is not 100% secure.
  • The risk level is expected to be lower compared to the other levels

Metrics: C1

  • Identification and authentication (user id & password)
  • DAC – (Discretionary Access Controls)
    • capable of enforcing access controls
    • Example: Basic Unix/Linux OS, user, group, other.

Metrics: C2

  • C1 plus
  • Audit trails
  • System documentation and user manuals.

Metrics: B1

  • C2 plus
  • Discovered weaknesses must be mitigated

Metrics: B2

  • B1 plus
  • Security policy must be defined and documented
  • Access controls for all subjects and objects

Metrics: B3

  • B2 plus
  • Automated imminent intrusion detection, notification and response.

Metrics: A1

  • B3 plus
  • System is capable of secure distribution (can be transported and delivered to a client with the assurance of being secure)

Orange Book Security Criteria

  • Security Policy
  • Accountability
  • Assurance
  • Documentation

1. Security Policy

  • The set of rules and practices that regulate how an organization manages, protects, and distributes information.

1. Security Policy

  • The policy is organized into subjects and objects.
  • Subjects act upon objects
    • Subjects – processes and users.
    • Objects – data, directories, hardware, applications
  • A well defined access control model determines if a subject can be permitted access to an object.
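
As an added example (not part of the original slides), the sketch below ties the C1 and C2 slides to the subject/object model: a discretionary access check over Unix user/group/other mode bits, with every decision written to an audit trail attributed to the subject. The names `Subject`, `Obj`, `dac_check` and `AUDIT_LOG`, and the sample users and paths, are assumptions made for illustration; the superuser bypass is not modelled.

```python
# Added illustration: all names and sample data here are hypothetical.
from dataclasses import dataclass

R, W, X = 4, 2, 1  # Unix permission bits within one class

@dataclass(frozen=True)
class Subject:          # a user, or a process acting for one
    name: str
    uid: int
    gids: frozenset

@dataclass(frozen=True)
class Obj:              # data, directory, hardware, application
    path: str
    owner_uid: int
    group_gid: int
    mode: int           # e.g. 0o640

AUDIT_LOG = []          # C2: each decision is recorded against a subject

def dac_check(subj, obj, want):
    """Return True if `subj` may access `obj` with permission bits `want`."""
    # Unix selects exactly one class, in owner -> group -> other order,
    # and never falls through to a more permissive class.
    if subj.uid == obj.owner_uid:
        cls, bits = "user", (obj.mode >> 6) & 7
    elif obj.group_gid in subj.gids:
        cls, bits = "group", (obj.mode >> 3) & 7
    else:
        cls, bits = "other", obj.mode & 7
    allowed = (bits & want) == want
    AUDIT_LOG.append({"subject": subj.name, "uid": subj.uid,
                      "object": obj.path, "class": cls,
                      "requested": want, "allowed": allowed})
    return allowed

# Constructed sample subjects and objects
alice = Subject("alice", 1000, frozenset({1000, 50}))
bob = Subject("bob", 1001, frozenset({1001, 50}))
eve = Subject("eve", 1002, frozenset({1002}))
payroll = Obj("/srv/payroll.csv", 1000, 50, 0o640)
odd = Obj("/srv/odd.txt", 1000, 50, 0o044)  # owner has fewer rights than group

if __name__ == "__main__":
    for s, o, want in [(alice, payroll, R | W), (bob, payroll, R),
                       (bob, payroll, W), (eve, payroll, R), (alice, odd, R)]:
        print(s.name, o.path, want, dac_check(s, o, want))
    for rec in AUDIT_LOG:
        print(rec)
```

The last case shows why the class is chosen before the bits are tested: the owner of a `0o044` file is denied read access even though a group they belong to has it.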
Security Policy

  • Top secret, secret, classified, non-classified
  • Need-to-know, job division, job rotation, NDA, etc.


2. Accountability

  • The responsibilities of all who come in contact with the system must be well defined.
    • Identification (the process to identify a user)
    • Auditing (accumulating and reviewing log information so that all actions can be traced to a subject)
    • Organizational chart
    • Job description contract, AUP, NDA, SLA

3. Assurance

  • The reasonable expectation that the security policy of a trusted system has been implemented correctly and works as intended.
  • Assurance is organized into
    • Operational assurance
    • Life-cycle assurance

3a. Operational Assurance

  • Security policy is maintained in the overall design and operation of the system.
    • Example: Users of the system have an assurance that access controls are enforced

3b. Life-cycle Assurance

  • Ensuring the system continues to meet the security requirements over the lifetime of the system.
    • Updates to the software and hardware must be considered
    • The expectation that the system remains operational (is available) over its lifetime
    • Sustainability-cycle

4. Documentation Requirements

  • Security Features User's Guide
  • Trusted Facility Manual
  • Test Documentation
  • Design Documentation

Documentation: Security Features User's Guide

  • Aimed at the ordinary (non-privileged) users.
    • General usage policy
    • Instructions on how to effectively use the system
    • Description of relevant security features

Documentation: Trusted Facility Manual

  • Aimed at the system administration (S.A.) staff
    • How the system is configured and maintained
    • Includes the day-to-day required activities
      • Backups
      • Reviewing security logs

Documentation: Test Documentation

  • Instructions on how to test the required security mechanisms

Documentation: Design Documentation

  • Define the boundaries of the system
  • A complete description of the hardware and software.
  • Complete system design specifications
  • Description of access controls

The Orange Book

  • The Orange Book has been superseded by the Common Criteria