Defining requirements for network solution in protection profiles

Author

Sung, Yune Gie ; Yi, Eun-Kyoung ; No, Byung-Gyu ; Kim, Jae Sung

Author_Institution

Korea Inf. Security Agency, Seoul, South Korea

fYear

2003

fDate

14-16 Oct. 2003

Firstpage

333

Lastpage

336

Abstract

The international standards about computer security are widely being used for both government and commercial sector. Many countries seek for their computer security at the common criteria (CC), so organizations learn more how to make protection profiles (PPs) to protect them from outside threats. However in case people make protection profiles using both "Guide for the Production of PPs and STs" and the common criteria, they confront some problems when defining requirements for network-wide systems instead of a single system. Many requirements in the CC are described based on a single system\´s activities. We found that network-wide product\´s PPs are required of different approach, where some statements in the CC are modified or newly extended. We show that how the network-wide targets of evaluation (TOEs) are different from a single system TOE in terms of its protection scope. This paper is of prior interest to PP/ST writers who have tasks of composing network product, or typically IDS PP/ST.

Keywords

computer network management; formal specification; safety systems; security of data; common criteria; computer security international standards; gateway intrusion detection system; network protection profile; network-wide system security; operating system security requirements; Computer security; Control systems; Government; Information analysis; Information security; Intelligent networks; Intrusion detection; Operating systems; Production systems; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology, 2003. Proceedings. IEEE 37th Annual 2003 International Carnahan Conference on

Print_ISBN

0-7803-7882-2

Type

conf

DOI

10.1109/CCST.2003.1297581

Filename

1297581