Secure USB Media Considerations for a Common Criteria Protection Profile

Development of protection profile and security target for Indonesia electronic ID card's (KTP-el) card reader based on common criteria V3.1:2012/SNI ISO/IEC 15408:2014

2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA) ◽

10.1109/icaicta.2014.7005905 ◽

2014 ◽

Author(s):

Muhamad Erza Aminanto ◽

Sarwono Sutikno

Keyword(s):

Card Reader ◽

Common Criteria ◽

Protection Profile

Download Full-text

Protection Profile of AMI based Common Criteria V3.1r4

Journal of Security Engineering ◽

10.14257/jse.2013.12.09 ◽

2013 ◽

Vol 10 (6) ◽

pp. 609-620

Author(s):

Byung-Hee Hwang ◽

Ho-Sung Jeon ◽

Young-Sam Bae ◽

Dong-Hoon Lee

Keyword(s):

Common Criteria ◽

Protection Profile

Download Full-text

Analysis of Security Requirements on DCU and Development Protection Profile based on Common Criteria Version 3.1

Journal of the Korea Institute of Information Security and Cryptology ◽

10.13089/jkiisc.2014.24.5.1001 ◽

2014 ◽

Vol 24 (5) ◽

pp. 1001-1011

Author(s):

Youngjun Cho ◽

Sinkyu Kim

Keyword(s):

Security Requirements ◽

Common Criteria ◽

Protection Profile

Download Full-text

US Government Application Level Firewall Protection Profile for Low Risk Environments. The Common Criteria

10.21236/ada386017 ◽

1997 ◽

Author(s):

Kris Britton ◽

Jack Walsh ◽

Wayne Jansen ◽

Thomas Kaygiannis ◽

Jandria Alexander

Keyword(s):

Low Risk ◽

Risk Environments ◽

Common Criteria ◽

Us Government ◽

The Common ◽

Protection Profile

Download Full-text

”Common Criteria” and Software Defined Network Security

Modeling and Analysis of Information Systems ◽

10.18255/1818-1015-2019-1-134-145 ◽

2019 ◽

Vol 26 (1) ◽

pp. 134-145

Author(s):

Andrey N. Petukhov ◽

Paul L. Pilyugin

Keyword(s):

Network Security ◽

Software Defined Network ◽

Conceptual Basis ◽

New Class ◽

Common Criteria ◽

Data Flows ◽

Message Exchange ◽

Architectural Principles ◽

Protection Profile ◽

Management Functions

«Common criteria» (ISO 15408) is a universally recognized and broadly applicable approach to information security solutions management and evaluation. «Common criteria» leans on developing a shared conceptual basis for key security solution modules including protection profiles and security targets. Conceptual basis development implies defining the following elements: security objectives and assumptions (for the environment and the object), threats and security policies, as well as functional and assurance requirements. The specifics of SDN (software defined network) security solutions is largely driven by fundamental architectural principles of SDN technology itself − primarily by the separation of control and data flows, − and by conditions imposed by Open Flow protocol application. However, proactive (threats and policies), passive (objectives and assumptions) and reactive (requirements) aspects of security management remain highly relevant for this type of security solutions. This paper discusses the Common Criteria application specifics for assessing the SDN security and practical MTUCI (Moscow Technical University of Communications and Informatics) experience in the development of the protection profile. A new class of network attacks on SDN switches and controllers can involve either data or control components. In addition to traditional vulnerabilities, centralization of management functions paves way for new security threats by isolating controller activity and administrative message exchange. Therefore, identifying and analyzing threats, policies and requirements specific to SDN control module security becomes an emerging priority.

Download Full-text