[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-ha
Subject:    ISO draft on computer security(?)
From:       Harald Albrecht <HARALD () plt ! rwth-aachen ! de>
Date:       1998-01-28 12:29:22
[Download RAW message or body]

Alexander Kjeldaas <astor@guardian.no> wrote:
> What you describe looks like a slassification system similar to the one
> used in the ISO draft on computer security (the common criteria). This is
> a very elaborate standard, but the classification system is nice. First
> there are several _classes_ of features, such as Cryptographic Support
> (FCS), Security Audit (FAU), Communication (FCO) etc. 

Could you give me some hints where to find more information about 
this subject -- I'm traditional a little bit picky about ISO 
standards, mainly because I've got hit by the 7-layer ISO model one 
or more times... it has just too few layers, so everything 
interesting ends up in layer 7 ;-)

> Since all these families with all their different levels (called
> "components" probably to avoid the notion of strict hierarchical ordering
> you mention) would be chaotic to handle for end-users, there are some
> predefined "Protection Profiles" (PPs) for different uses which specifies
> which functional families should satisfy which levels. Protection Profiles
> such as Commercial Security 1, Commercial Security 3, and Packet Filter
> Firewall are defined.

Sounds very interesting and seems to be of help to us.

Harald
Harald Albrecht
Chair of Process Control Engineering
Aachen University of Technology
Turmstrasse 46, D-52064 Aachen, Germany
Tel.: +49 241 80-7703, Fax:  +49 241 8888-238
email: harald@plt.rwth-aachen.de

[prev in list] [next in list] [prev in thread] [next in thread]