Integrating cryptography into trusted systems: A criteria approach

Author

Brierley, William

Author_Institution

Commun. Security Establ., Ottawa, Ont., Canada

fYear

1992

fDate

30 Nov-4 Dec 1992

Firstpage

30

Lastpage

36

Abstract

The rationale behind the requirements for cryptographic implementations which have been integrated into version 3.0 of the Canadian trusted computer products evaluation criteria (CTCPEC) are presented. It is argued that an integrated set of requirements for cryptography is an essential step toward bridging the gulf between communications and computer security. A brief overview of the CTCPEC is given, with particular emphasis on those features of the CTCPEC which facilitated the development of security requirements for cryptographic modules. The scope of the security requirements for cryptographic modules and the structure of the security requirements document are discussed. The requirements on the implementation of a cryptographic module are addressed. The requirements for the integration of cryptographic modules into INFOSEC products are described. A summary of the project is provided

Keywords

cryptography; operating systems (computers); software reliability; CTCPEC; Canadian trusted computer products evaluation criteria; INFOSEC products; communications; computer security; cryptographic implementations; security requirements; trusted systems; Communication system security; Computer architecture; Computer networks; Computer security; Costs; Cryptography; Information security; NIST; Portable computers; Product design;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1992. Proceedings., Eighth Annual

Conference_Location

San Antonio, TX

Print_ISBN

0-8186-3115-5

Type

conf

DOI

10.1109/CSAC.1992.228236

Filename

228236