ITSEC Flashcards
What is ITSEC
ITSEC is a standard for evaluating the security of a given target. Unlike TCSEC, ITSEC can evaluate both systems and program.
Any target evaluated by ITSEC is referred as to the target of evaluation (TOE), and the security target (ST) is the security functionality of the TOE and its environment.
Any target is evaluated along the 6 levels of trust E1,…, E6 which are called evaluation levels.
What does a security target (ST) contain?
The ST cointains:
- A system security policy
- Environmental assumptions and possible threats
- Specification of the required security mechanisms
- Definition of the required security mechanisms
- A claimed minimum rating of the strength of the mechanism
- The target evaluation level
What are the requirements of ITSEC?
The requirments of ITSEC are:
- Suitability analysis: The security requirements and environment assumptions must be enough to counter the threats defined in the ST
- Binding analysis: Must show that the security requirements and mechanisms are mutually supportive
- Construction vulnerability analysis: Must perform vulnerability analysis of the design of the TOE.
- Operational vulnerability analysis: Must check vulnerabilities in implementation and operation of TOE
What are the different evaluation levels?
E1 - Requires an ST and information description of the product, the TOE has been tested.
.
. (Do not believe we need to know this)
.
E6 - Extensive use of formal models. The architectural design has been stated formally and shown to be consistent with the formal model of the security policy.
What does the evaluation process look like in ITSEC?
It follows the three same steps as TCSEC:
- Design analysis
- Test analysis
- Final review