DocumentCode :
2840380
Title :
Increased information flow needs for high-assurance composite evaluations
Author :
Karger, Paul A. ; Kurth, Helmut
Author_Institution :
IBM Corp. Thomas J. Watson Res. Center, Yorktown Heights, NY, USA
fYear :
2004
fDate :
8-9 April 2004
Firstpage :
129
Lastpage :
140
Abstract :
Four Common Criteria certification agencies from France, Germany, the Netherlands and the UK have developed a concept of composite evaluations in which software evaluators would not receive the full hardware evaluation technical report (ETR), but instead would only receive an abbreviated ETR-lite. While ETR-lite is acceptable at low assurance levels, we argue that at high assurance levels, such an abbreviated report violates the basic principles of systems engineering and high assurance evaluation, and demonstrate that serious undetected security vulnerabilities can be the result. We recommend that additional information flow between hardware evaluators and software developers and evaluators is crucial for high assurance evaluation to succeed.
Keywords :
data flow analysis; security of data; smart cards; systems engineering; abbreviated ETR-lite; covert channel; hardware evaluation technical report; information assurance; information flow; smart card; software development; software evaluation; systems engineering; Certification; Databases; Government; Hardware; Information security; Performance evaluation; Smart cards; Software performance; Systems engineering and theory; Writing;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Information Assurance Workshop, 2004. Proceedings. Second IEEE International
Print_ISBN :
0-7695-2117-7
Type :
conf
DOI :
10.1109/IWIA.2004.1288043
Filename :
1288043