High robustness requirements in a Common Criteria protection profile

Cited by: 1
Authors
Nguyen, Thuy D. [1]
Levin, Timothy E. [1]
Irvine, Cynthia E. [1]
Affiliations
[1] Naval Postgrad Sch, Monterey, CA 93940 USA
Keywords
common criteria; separation kernel; high robustness; dynamic configuration; least privilege;
DOI
10.1109/IWIA.2006.13
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
The development of a Common Criteria protection profile for high-robustness separation kernels requires explicit modifications of several Common Criteria requirements as well as extrapolation from existing (e.g., medium robustness) guidance and decisions. The draft U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness (SKPP) is intended to be applicable to a class of products (the target of evaluation, or TOE) that includes, but is not limited to, real time and embedded systems. This paper describes certain SKPP concepts and requirements and provides underlying motivations and rationale for their inclusion in the SKPP. Primary areas of focus are the security requirements regarding information flow, dynamic configuration, and the application of the principle of least privilege to restrict actions of active entities.
Pages: 66 / +
Page count: 3