
harald at plt
Jan 28, 1998, 5:29 AM
ISO draft on computer security(?)
Alexander Kjeldaas <astor [at] guardian> wrote:

> What you describe looks like a classification system similar to the one
> used in the ISO draft on computer security (the common criteria). This is
> a very elaborate standard, but the classification system is nice. First
> there are several _classes_ of features, such as Cryptographic Support
> (FCS), Security Audit (FAU), Communication (FCO) etc.

Could you give me some hints where to find more information about this subject -- I'm traditionally a little bit picky about ISO standards, mainly because I've been hit by the 7-layer ISO model one or more times... it has just too few layers, so everything interesting ends up in layer 7 ;-)

> Since all these families with all their different levels (called
> "components" probably to avoid the notion of strict hierarchical ordering
> you mention) would be chaotic to handle for end-users, there are some
> predefined "Protection Profiles" (PPs) for different uses which specify
> which functional families should satisfy which levels. Protection Profiles
> such as Commercial Security 1, Commercial Security 3, and Packet Filter
> Firewall are defined.

Sounds very interesting and seems to be of help to us.

Harald

Harald Albrecht
Chair of Process Control Engineering
Aachen University of Technology
Turmstrasse 46, D-52064 Aachen, Germany
Tel.: +49 241 80-7703, Fax: +49 241 8888-238
email: harald [at] plt