Miscellaneous Concepts
IT Security Evaluation Standards (unfinished)
Common Criteria (CC) - ISO/IEC 15408:
- Overview: The Common Criteria for Information Technology Security Evaluation provides a framework for evaluating the security properties of software and hardware products.
- Key Point: It allows for an objective evaluation, ensuring a product or system meets a particular set of security standards. Many view it as the current "gold standard" in IT security evaluation.
- Relevance: CC is internationally recognized and serves as a bridge between various national criteria by providing a common standard for security evaluations.
Trusted Computer System Evaluation Criteria (TCSEC) - often called the "Orange Book":
- Overview: Developed in the U.S. during the 1980s, TCSEC was a set of criteria used for evaluating computer security within products.
- Key Point: It introduced security levels (from D to A) that represented increasing levels of security assurance and capability.
- Relevance: While it was groundbreaking in its time and influenced many future standards, it became somewhat outdated due to its focus on standalone systems and the rapid evolution of IT.
Information Technology Security Evaluation Criteria (ITSEC):
- Overview: Developed in Europe, ITSEC aimed to establish a standardized security evaluation.
- Key Point: It expanded on the ideas of TCSEC but was more flexible and comprehensive. It evaluated both the security functionality and the assurance levels of products.
- Relevance: ITSEC was an important step forward from TCSEC and laid the groundwork for more international collaboration on security standards.
Why Remember TCSEC and ITSEC?
- Historical Importance: Understanding the progression of security standards is crucial. TCSEC and ITSEC represent significant milestones in the evolution of IT security evaluation criteria. They inform how and why modern standards, like the Common Criteria, have been shaped.
- Foundational Concepts: Many concepts and terminologies in modern standards can trace their roots back to TCSEC and ITSEC. Understanding them can provide deeper insights into the underpinnings of current practices.
Focus on Common Criteria (CC):
While TCSEC and ITSEC are historically vital, the Common Criteria has effectively replaced them as the international standard for IT security evaluation. As a CISSP candidate, while it's essential to be aware of TCSEC and ITSEC, most of your attention should be on understanding the intricacies and applications of the Common Criteria, given its current global relevance and adoption.
CC:
1 Description of assets (Assumptions and Security Policies)
2 Identification of threats
3 Analysis and rating of threats (Safety Risk Analysis)
4 Determination of Security Objectives (System & Environment objectives)
5 Selection of security requirements
6 Repeat
(Draw as flowchart)
Two Types of CC:
- Community Protection Profile (cPP):
  - Nature: Black-box evaluation.
  - Description: cPPs come with predefined requirements. It's a sort of "off-the-shelf" security evaluation based on standardized needs for a particular community or sector.
  - Relevance for CISSP: While foundational knowledge is useful, cPP might not be as frequently referenced in the exam as the more detailed aspects of CC.
- Evaluation Assurance Level (EAL):
  - Nature: White-box evaluation.
  - Description: EAL offers a more detailed, flexible approach. Instead of using preset requirements like cPP, EAL allows for a tailored examination, where the specific claims and requirements can be set based on the unique needs of the product or system.
  - Relevance for CISSP: It's essential to understand the different EAL levels (EAL1 to EAL7) and what each represents in terms of depth and rigor of evaluation.
Comparison of Security Evaluation Standards

Evaluation Level | TCSEC | ITSEC | Common Criteria (CC) | Description
---|---|---|---|---
Lowest Assurance | D | F-D+E0 | EAL1 - Functionally Tested | Mild protection against casual or inadvertent attempts to breach the system's security.
Basic Assurance | C1 | F-C1+E1 | EAL2 - Structurally Tested | As above, with a focus on more structured security evaluation processes.
Basic Assurance | C2 | F-C2+E2 | EAL3 - Methodically Tested & Checked | As above, but with more refined controls and checks.
Medium Assurance | B1 | F-B1+E3 | EAL4 - Methodically Designed, Tested, and Reviewed | Advanced protection with more comprehensive testing and detailed security design practices.
Medium Assurance | B2 | F-B2+E4 | EAL5 - Semi-Formally Designed and Tested | More rigorous requirements with vulnerability analysis and further development controls.
High Assurance | B3 | F-B3+E5 | EAL6 - Semi-Formally Verified Design and Tested | Full or near-full assurance with very detailed security engineering practices.
High Assurance | A1 | F-B3+E6 | EAL7 - Formally Verified Design and Tested | The highest level of security assurance, with extremely strict formal methods and specifications.
Open System
- Definition: Systems that are constructed using widely recognized and accepted industry standards, promoting easy integration with other similarly designed systems.
- In simpler terms: Like playing with LEGO bricks made by different manufacturers but all following the same design rules, ensuring they fit together.
Closed System
- Definition: Systems that rely on proprietary hardware or software, often without publicly available documentation. This often makes integration with other systems more challenging.
- In simpler terms: It's like trying to fit blocks from a specialized toy set into a generic set; they might not fit because they follow their own unique rules.
Embedded Systems & Static Environments
Embedded Systems:
- Definition: These systems are designed for a specific function or set of functions within a larger system.
- Examples:
  - Motion systems (e.g., anti-lock braking system in cars)
  - Lighting systems
  - Cash registers
  - Digital signature pads
  - Wi-Fi routers
- They're integral to many devices and can be found in everyday appliances as well as specialized equipment.
Static Environments:
- Definition: Configurations such as OSs, hardware, or networks that are set up for a particular purpose and remain unchanged despite interaction. They are resistant to alterations, even by authorized personnel such as administrators.
- Example: An industrial control system (like those used in manufacturing plants) that's configured to manage machinery operations. Changes could disrupt the production process, so the environment remains static to ensure consistent performance.
Management & Security:
Both embedded systems and static environments, due to their specialized nature, require targeted security measures.
Security Measures:
- Network Segmentation: Dividing a network into various segments to keep critical systems separate and secure.
- Security Layers: Using multiple security measures to protect systems, akin to having multiple barriers.
- Application Firewalls: Protect against malicious inputs or attacks targeted at applications.
- Manual Updates: Due to the sensitivity and specificity of these systems, updates might need to be manually reviewed and applied.
- Firmware Version Control: Ensures only approved and tested firmware versions are in use.
- Wrappers: Additional security layers around an application or system to shield it from potential threats.
- Control Redundancy and Diversity: Having multiple controls in place, so if one fails, another can take over or compensate.
Remember: As technology evolves, the line between embedded systems and more flexible environments may blur, but the fundamental principles of securing these systems remain the same. Always prioritize the integrity and security of the system while accommodating for its intended function.
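The "Firmware Version Control" and "Manual Updates" measures above can be enforced mechanically rather than by policy alone. The Python script below is an added example, not part of the original notes: it identifies a candidate firmware image by recomputing its SHA-256 digest, accepts it only if that digest appears in a manifest of approved, tested builds, and additionally refuses to stage an update unless a change-control ticket has been attached. The firmware images, version numbers, manifest contents and ticket identifier are all constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed sample "firmware images": short byte strings standing in for
# real binaries so the example runs offline.
APPROVED_IMAGE = b"PLC-FW v2.3.1 (constructed sample payload)"
UNAPPROVED_IMAGE = b"PLC-FW v2.4.0-beta (constructed sample payload)"
TAMPERED_IMAGE = APPROVED_IMAGE[:-1] + b"!"  # one byte changed in an approved build


def sha256_hex(data: bytes) -> str:
    """SHA-256 digest of a firmware image as lowercase hex."""
    return hashlib.sha256(data).hexdigest()


# Approved-firmware manifest: version -> SHA-256 of the build that was tested
# and signed off. Constructed for this example; in practice it would be the
# output of the change-control process and distributed read-only.
APPROVED_MANIFEST: Dict[str, str] = {
    "2.3.1": sha256_hex(APPROVED_IMAGE),
    "2.2.0": "0" * 64,  # placeholder digest of an older approved build
}


@dataclass(frozen=True)
class Verdict:
    allowed: bool
    version: Optional[str]  # matched approved version, if any
    reason: str


def check_firmware(image: bytes, manifest: Dict[str, str]) -> Verdict:
    """Allow an image only if its digest matches an approved build.

    The digest is recomputed from the bytes, so the version string embedded
    in the image is never trusted: a tampered build fails even if it still
    claims an approved version number.
    """
    digest = sha256_hex(image)
    for version, approved_digest in manifest.items():
        # Constant-time comparison; cheap, and a good habit for digest checks.
        if hmac.compare_digest(digest, approved_digest):
            return Verdict(True, version, "digest matches approved build")
    return Verdict(False, None, f"digest {digest[:16]}... not in approved manifest")


def stage_update(image: bytes, manifest: Dict[str, str],
                 change_ticket: Optional[str]) -> Verdict:
    """Gate for a manually applied update in a static environment.

    Two checks must pass: the image is an approved build, and a reviewer has
    attached a change-control ticket (the "manual update" step in the notes).
    """
    verdict = check_firmware(image, manifest)
    if not verdict.allowed:
        return verdict
    if not change_ticket:
        return Verdict(False, verdict.version,
                       "approved build but no change ticket attached")
    return Verdict(True, verdict.version,
                   f"approved build {verdict.version}, ticket {change_ticket}")


if __name__ == "__main__":
    for label, img in (("approved", APPROVED_IMAGE),
                       ("unapproved", UNAPPROVED_IMAGE),
                       ("tampered", TAMPERED_IMAGE)):
        v = check_firmware(img, APPROVED_MANIFEST)
        print(f"{label:10s} allowed={v.allowed} version={v.version} ({v.reason})")
    # "CHG-0001" is a constructed placeholder ticket reference.
    print(stage_update(APPROVED_IMAGE, APPROVED_MANIFEST, None).reason)
    print(stage_update(APPROVED_IMAGE, APPROVED_MANIFEST, "CHG-0001").reason)
```

The point of hashing the bytes rather than reading a version string is that the decision rests on what was actually tested: the unapproved build and the single-byte-tampered build are both rejected, and even an approved build cannot be staged without the manual review record the notes call for.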