Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Linux-HA: Users
ISO draft on computer security(?)
 

Index | Next | Previous | View Flat


harald at plt

Jan 28, 1998, 5:29 AM


Views: 678
Permalink
ISO draft on computer security(?)

Alexander Kjeldaas <astor [at] guardian> wrote:
> What you describe looks like a slassification system similar to the one
> used in the ISO draft on computer security (the common criteria). This is
> a very elaborate standard, but the classification system is nice. First
> there are several _classes_ of features, such as Cryptographic Support
> (FCS), Security Audit (FAU), Communication (FCO) etc.

Could you give me some hints where to find more information about
this subject -- I'm traditional a little bit picky about ISO
standards, mainly because I've got hit by the 7-layer ISO model one
or more times... it has just too few layers, so everything
interesting ends up in layer 7 ;-)

> Since all these families with all their different levels (called
> "components" probably to avoid the notion of strict hierarchical ordering
> you mention) would be chaotic to handle for end-users, there are some
> predefined "Protection Profiles" (PPs) for different uses which specifies
> which functional families should satisfy which levels. Protection Profiles
> such as Commercial Security 1, Commercial Security 3, and Packet Filter
> Firewall are defined.

Sounds very interesting and seems to be of help to us.

Harald
Harald Albrecht
Chair of Process Control Engineering
Aachen University of Technology
Turmstrasse 46, D-52064 Aachen, Germany
Tel.: +49 241 80-7703, Fax: +49 241 8888-238
email: harald [at] plt

Subject User Time
ISO draft on computer security(?) harald at plt Jan 28, 1998, 5:29 AM
    ISO draft on computer security(?) astor at guardian Jan 28, 1998, 4:06 AM

  Index | Next | Previous | View Flat
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.