Introduction
As an IT security professional, mastering the ISO/IEC 15408 standard, commonly referred to as the Common Criteria for IT Security Evaluation, is essential. This globally recognized standard offers a comprehensive framework for evaluating the security of IT products and systems, ensuring they meet high standards of security and trustworthiness. In this guide, we’ll explore the key concepts, relationships, and evaluation methodologies of the standard, offering insights and tips for IT security professionals.
Overview of ISO/IEC 15408
The ISO/IEC 15408 standard is structured into several parts, each focusing on a specific aspect of IT security evaluation:
- Part 1: General Model
- Part 2: Security Functional Components
- Part 3: Security Assurance Components
- Part 4: Evaluation Methodology
- Part 5: Predefined Packages of Security Requirements
Understanding these parts is crucial for effective implementation and evaluation.
Key Concepts: The Building Blocks of IT Security Evaluation
- Target of Evaluation (TOE): The TOE is the IT product, system, or component under evaluation. Clearly defining the TOE sets the scope for the evaluation process. (Part 1, Section 5.3.1)
- Security Target (ST): The ST outlines the security requirements for a specific TOE, usually developed by the product developer. It serves as a basis for evaluating whether the TOE meets the claimed security functionalities. (Part 1, Annex D)
- Protection Profile (PP): The PP specifies the security requirements for a specific type of TOE, serving as a template for developing STs and ensuring consistent evaluations for similar products. (Part 1, Section 10.2)
- PP-Modules and PP-Configurations: PP-Modules address specific security aspects of a TOE type not uniformly required across all products. These modules combine with base PPs to create PP-Configurations, enabling the specification of complex security needs. (Part 1, Sections 11.2 & 11.3)
- Security Functional Components: Part 2 defines a catalog of standardized security functions included in a PP or ST. These components are organized into families based on their security focus, such as user authentication (FIA_UAU), internal data transfer protection (FDP_ITT), or security audit (FAU).
- Security Assurance Components: Part 3 outlines the assurance requirements for the development and evaluation of the TOE, addressing aspects such as the development process, vulnerability analysis, and testing procedures.
- Evaluation Assurance Levels (EALs): Part 5 introduces standardized EALs, ranging from EAL1 (the most basic) to EAL7 (the most stringent). The appropriate EAL is chosen based on the required confidence level in the security of the TOE.
Relationships between Key Components: Understanding the Interplay
- PPs and STs: PPs provide a basis for developing STs, which guide the evaluation of specific TOEs.
- PP-Modules and PP-Configurations: PP-Modules offer flexibility within PPs, allowing tailored security requirements for specific TOE configurations.
- Security Functional Components and Security Assurance Components: Security Functional Components specify security requirements in both PPs and STs, while Security Assurance Components dictate the evaluation process’s rigor.
Evaluation Methodology: A Structured Approach
Part 4 emphasizes the importance of a well-defined evaluation methodology, outlining procedures and activities to assess the TOE against the security requirements defined in the ST. An essential aspect of the methodology is the “rationale,” which justifies the chosen evaluation activities and demonstrates their adequacy in addressing identified security risks.
Tips and Best Practices
- Clearly Define the TOE and ST: Ensure that the TOE and ST are well-defined and aligned with security requirements.
- Choose the Right EAL: Select an EAL that aligns with the required level of confidence in the security of the TOE.
- Use PP-Modules and PP-Configurations: Leverage PP-Modules and PP-Configurations to tailor security requirements to specific TOE configurations.
- Develop a Robust Evaluation Methodology: Establish a structured evaluation methodology that includes a clear rationale for the chosen evaluation activities.
Conclusion
The ISO/IEC 15408 standard is a vital tool for IT security professionals, providing a structured framework for evaluating the security of IT products and systems. By understanding and applying the key concepts and methodologies outlined in this standard, professionals can ensure their products meet the highest security and trustworthiness standards.
Conclusion
The ISO/IEC 15408 standard provides a comprehensive framework for evaluating IT security. By understanding the key concepts, relationships, and evaluation methodologies outlined in the standard, IT security professionals can ensure that their products and systems meet the highest standards of security and trustworthiness. By following the tips and best practices outlined in this article, organizations can unlock the full potential of the Common Criteria and contribute to a more secure and trustworthy digital environment for all stakeholders.