[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-ha
Subject: ISO draft on computer security(?)
From: Harald Albrecht <HARALD () plt ! rwth-aachen ! de>
Date: 1998-01-28 12:29:22
[Download RAW message or body]
Alexander Kjeldaas <astor@guardian.no> wrote:
> What you describe looks like a slassification system similar to the one
> used in the ISO draft on computer security (the common criteria). This is
> a very elaborate standard, but the classification system is nice. First
> there are several _classes_ of features, such as Cryptographic Support
> (FCS), Security Audit (FAU), Communication (FCO) etc.
Could you give me some hints where to find more information about
this subject -- I'm traditional a little bit picky about ISO
standards, mainly because I've got hit by the 7-layer ISO model one
or more times... it has just too few layers, so everything
interesting ends up in layer 7 ;-)
> Since all these families with all their different levels (called
> "components" probably to avoid the notion of strict hierarchical ordering
> you mention) would be chaotic to handle for end-users, there are some
> predefined "Protection Profiles" (PPs) for different uses which specifies
> which functional families should satisfy which levels. Protection Profiles
> such as Commercial Security 1, Commercial Security 3, and Packet Filter
> Firewall are defined.
Sounds very interesting and seems to be of help to us.
Harald
Harald Albrecht
Chair of Process Control Engineering
Aachen University of Technology
Turmstrasse 46, D-52064 Aachen, Germany
Tel.: +49 241 80-7703, Fax: +49 241 8888-238
email: harald@plt.rwth-aachen.de
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic