|
|
- 2016
CC标准中安全架构与策略模型的分析方法
|
Abstract:
通用评估准则(CC)未论述安全架构及策略模型这2个保障要求的具体分析方法, 因而不利于实际的安全评估工作。为此, 首先从设计分解的角度论述了CC的基本评估模型, 将安全功能(TSF)从内涵功能和元功能2个角度进行定义, 以此论述安全架构设计的意义, 并基于脆弱性分析活动来描述安全架构及评估方法。其次, 从论述保护轮廓(ST)与功能规范(FSP)的逻辑差距出发, 描述了形式化安全策略模型的意义, 并提出了对TSF要求进行(半)形式化的方法来弥补此差距的途径。由于等同于CC v3.1标准的国标GB/T18336即将在中国推行, 该文结论将有助于改进后续的安全评估工作。
Abstract:The Common Criteria (CC) does not adequately explain the security architecture and policy model requirements which hinders security evaluations. This paper classifies the requirements through a general CC evaluation model based on design decomposition. The analysis then categorizes the TOE security functionality (TSF) as the TSF meta-functionality and the TSF obligatory functionality to demonstrate the need for justifying the security properties in the architecture design. Then, security architecture description and evaluation approaches are described for vulnerability analysis activity. Then, this paper describes the need for formalizing the security policy model based on observations of the logical gap between the security target (ST) and the functional specification (FSP) requirements. A (semi-) formalization of the security functional requirements is given to bridge the gap. The national standard GB/T18336 (the Chinese version of CC v3.1) will be adopted soon in China, so the analysis in this paper is needed to improve security evaluation activities.
| [1] | ISO/IEC 15408. Information Technology-Security Techniques-Evaluation Criteria for IT Security[S]. Switzerland:ISO/IEC, 2009. |
| [2] | GB/T 18336. 信息技术安全技术信息技术安全评估准则[S]. 北京:中国国家标准化管理委员会, 2005. GB/T 18336. Information Technology-Security Techniques-Evaluation Criteria for IT Security[S]. Beijing:Standardization Administration of the People's Republic of China, 2005. (in Chinese) |
| [3] | CCRA Management Committee. CCRA:Arrangement on the recognition of Common Criteria certificates in the field of information technology security[Z/OL].[2015-06-03] . http://www.commoncriteriaportal.org/ccra/. |
| [4] | CC Supporting Document. Composite product evaluation for smartcards and similar devices, version 1.2[Z/OL].[2015-06-03] . http://www.commoncriteriaportal.org/cc/. |
| [5] | 毕海英, 石竑松, 高金萍, 等. 通用评估准则的发展与应用现状[J]. 信息技术与标准化, 2013,347(11):14-17. BI Haiying, SHI Hongsong, GAO Jinping, et al. The development of Common Criteria and its applications[J].Information Technology & Standardization, 2013,347(11):14-17. (in Chinese) |
| [6] | CC Supporting Document. Security architecture requirements (ADV_ARC) for smart cards and similar devices, version 2.0[Z/OL].[2015-06-03] . http://www.commoncriteriaportal.org/cc/. |
| [7] | Bundesam FVr Sicherheit der Informationstechnik (BSI). Guideline for the development and evaluation of formal security policy models in the scope of ITSEC and Common Criteria, version 2.0[Z/OL].[2015-06-03] . http://www.bsi.bund.de/cae/servlet/contentblob/478122/publicationFile/30243/Guideline_FMSP_v20_pdf.pdf. |
| [8] | Chetali B, Nguyen Q H. Industrial use of formal methods for a high-level security evaluation[C]//FM 2008:Formal Methods. Berlin, Germany:Springer Berlin Heidelberg, 2008:198-213. |
| [9] | Narasamdya I, Perin M. Certification of smart-card applications in Common Criteria[C]//Proceedings of the 2009 ACM Symposium on Applied Computing. Berlin, Germany:Springer Berlin Heidelberg, 2009:309-324. |
| [10] | Beckert B. Mind the gap:Formal verification and the Common Criteria[C]//In 6th International Verification Workshop (VERIFY-2010). Edinburgh, UK:IJCAR, 2010:4-12. |
| [11] | Ba?ón M. Security evaluation, testing and specification[C]//SC27 Security Techniques of 25 Years of Information Security Standardization (1990-2015). Ipswich, UK:Gipping Press, 2015:124-130. |
