Standards for Product Security Assessment

István Zsolt Berta, Levente Buttyán, and István VAJDA, Budapest University of Technology and Economics, Hungary

Introduction

Approaches for Assessing Security

Approaches

How Can We Assess the Security of a Production?

Overview of Standards

Two Groups of Standards

Common Criteria Paradigm

Scope of Common Criteria

Approach

Security Requirements

Derivation of Requirements

Evaluation Assurance Levels

Common Criteria in Practice

Common Evaluation Methodology (CEM)

Common Criteria Recognition Arrangement (CCRA)

Trends in Evaluations

Criticisms of CC

Conclusion

Glossary

Cross References

References

INTRODUCTION

Defining the concept of a “security product” is a difficult issue. Certain products are designed with security as their primary purpose. For example, the existence of firewalls, smart cards, or intrusion detection systems can only be explained by security reasons. On the other hand, products such as operating systems, word processors, or e-mail clients have other functionalities they must fulfill; otherwise, they cannot be sold, regardless of their security. However, security is still a critical issue in this latter group, too. Security is often not a product by itself, but a requirement that all products should fulfill to a certain degree. In this sense, every IT product can be considered a security product.

It might be relatively easy to evaluate the usability of a product by testing some of the most frequent scenarios. However, the security ...