alc- & agd-revision sonnenberg 2005-09-28 slide 3 alc- & agd-revision • redundant...
TRANSCRIPT
ALC- & AGD-Revision
Frank Sonnenberg
Bundesamt für Sicherheit in der Informationstechnik /
Federal Office for Information Security
6th ICCC / 2005-09-29
Frank Sonnenberg 2005-09-28 Slide 2
ALC- & AGD-Revision
• Motivation for the Revision
• Development Strategy and Realisation
of the ALC- & AGD-Rewrite
• Overview of the main changes in the
new ALC- and AGD-Families
• Benefit after the Revision
• Summary
Presentation Content
Frank Sonnenberg 2005-09-28 Slide 3
ALC- & AGD-Revision
• Redundant evaluation activities throughout
the ALC-, ACM-, ADO- & AGD-classes
• Integration of requirements which were
misplaced in AVA_MSU into AGD
• Misunderstandings coming from the
ALC-, ACM- & ADO Terminology
• Numerous ALC-, ACM- & AGD- relevant RIs
Reasons for the Revision
Frank Sonnenberg 2005-09-28 Slide 4
ALC- & AGD-Revision
Motivation for the Revision
The aim of the ALC- and AGD-Revision
... have primarily been to eliminate redundancies
... and to enhance clarification of the evaluation work,
... not to modify the contents of the concerned classes.
However, minor changes of the contents should be
made whenever sensible and helpful for the Revision.
Frank Sonnenberg 2005-09-28 Slide 5
ALC- & AGD-Revision
Project Strategy
Interested
Organisations
BSI (Lead Nation)supported by SRC
Transition Guide
Agreed Proposals
Final Documentation
of the Criteria and Methodolgy
Interested NationsCCIMB
Contributions
Frank Sonnenberg 2005-09-28 Slide 6
ALC- & AGD-Revision
Development Strategy
Development of an improved
ALC-, ACM-, ADO- & AGD-concept
Identifying
Terminology-Problems
Identifying
additional Aspects
Consideration
of relevant RIs
Indicating
Redundancies
Updating
Terminology
Processing RIsElimination
of Redundancies
Consideration
of New Aspects
Frank Sonnenberg 2005-09-28 Slide 7
ALC- & AGD-Revision
Development Period
Preparation Phase
Development PhaseLN-Meeting Madrid (SP)
Conception Phase
Comment Phase
Integration of Comments
LN-Meeting Columbia (USA)
LN-Meeting Bonn (GE)
CCMB-Meeting Australia
LN-Meeting Delft (NL)
LN-Meeting Lanzarote (SP)
LN-Meeting Bonn (GE)
2003 2004 2005 2006
Frank Sonnenberg 2005-09-28 Slide 8
ALC- & AGD-Revision
Frank Sonnenberg 2005-09-28 Slide 9
ALC- & AGD-Revision
Frank Sonnenberg 2005-09-28 Slide 10
ALC- & AGD-Revision
The new ALC Families CMC & CMS
CC-Version 2.2
CC-Version 3.0
ACM_AUT ACM_CAP ACM_SCP ADO_IGS
Capability of the
CM System used
CM-Items under
CM-Scope
ALC_CMC ALC_CMSIncluding CEM
up to EAL7
Frank Sonnenberg 2005-09-28 Slide 11
ALC- & AGD-Revision
The updated ALC Family DVS
CC-Version 2.2
CC-Version 3.0
CC-Version 3.x
Guidance on
„How to perform Site Visits“
Procedures for
ALC-Reusability/Site Certification
Adaption to the
New Terminologie
CEM provided for
ALC_DVS.2 (EAL7)
Minor additional
Explanation in the CEM
Frank Sonnenberg 2005-09-28 Slide 12
ALC- & AGD-Revision
The untouched ALC Family FLR
CC-Version 2.1
CC-Version 3.0
CC-Version 2.2
FLR-Supplement
FLR-related RIs
Frank Sonnenberg 2005-09-28 Slide 13
ALC- & AGD-Revision
The clarified ALC Family LCD
CC-Version 2.2
CC-Version 3.0
Adaption to the
New Terminologie
CEM provided for
ALC_LCD.2 & .3 (EAL7)
Detailed Description of
all Life Cycle Phases
Extensive Definition of
all Life Cycle Terms used
Harmonisation of the
defined Life Cycle Terms
Frank Sonnenberg 2005-09-28 Slide 14
ALC- & AGD-Revision
The completed ALC Family TAT
CC-Version 2.2
CC-Version 3.0
CEM provided for
ALC_TAT.2 & .3 (EAL7)
Clear Definition of
TAT-related Terms
Frank Sonnenberg 2005-09-28 Slide 15
ALC- & AGD-Revision
The integrated ALC Family DEL
CC-Version 2.2
CC-Version 3.0
ADO_DEL.1:
Delivery Procedures
ADO_DEL.2:
Detection of Modif.
ADO_DEL.3:
Prevention of Modif.
ALC_DEL.1:
Delivery ProceduresTransfer from
Developer to User only
Developer determine on
the assets to be protected
Confidentiality
AvailabilityIntegrity
Frank Sonnenberg 2005-09-28 Slide 16
ALC- & AGD-Revision
The merged AGD Family OPE
CC-Version 2.2
CC-Version 3.0
AGD_ADM:
Administrator Instructions
AGD_USR:
User Instructions
Nearly identical
Requirements
with regard to the TOE Operation
AGD_OPE:
Instructions for the TOE Operation
Merging
by Defining User Roles
AVA_MSU.1:Redundant AGD-Requirem.
AVA_MSU.1:Redundant AGD-Requirem.
Frank Sonnenberg 2005-09-28 Slide 17
ALC- & AGD-Revision
The complementary AGD Family PRE
CC-Version 2.2
CC-Version 3.0
ADO_DEL:
User-related
Requirements
ADO_IGS:
User-related
Instructions
AVA_MSU.1:
Redundant
AGD-Requirements
AGD_PRE:
Preparatory Instructions
„TOE“ Delivery
TOE Operation
{
Frank Sonnenberg 2005-09-28 Slide 18
ALC- & AGD-Revision
Benefit of the new ALC & AGD (I)
Frank Sonnenberg 2005-09-28 Slide 19
ALC- & AGD-Revision
Benefit of the new ALC & AGD (II)
Frank Sonnenberg 2005-09-28 Slide 20
ALC- & AGD-Revision
Summary(I)
• 28 RIs have been solved and/or considered
• The ALC- and AGD-Terminology has been
redefined where necessary
• The old ALC, ACM, ADO and AGD Classes have
been reorganised by elimination of redundancies
• Several new aspects have been taken into
account
• Development of a complete ALC-CEM for EAL > 4
Frank Sonnenberg 2005-09-28 Slide 21
ALC- & AGD-Revision
Summary(II)
• The internal Structure of all ALC and AGD
Families has been changed
• Elimination of Redundancies between AGD
and AVA_MSU
• A Transition Guide is provided which explains
all ALC & AGD related changes
• The new ALC leads to an efficient evaluation
process which reduces evaluation time and money
Frank Sonnenberg 2005-09-28 Slide 22
Contact Information
Bundesamt für Sicherheit in der
Informationstechnik (BSI) /
Federal Office for Information Security
Dr. Frank Sonnenberg
Godesberger Allee 185-189
53175 Bonn
Tel: +49 (0)1888-9582-470
Fax: +49 (0)1888-10-9582-470
www.bsi.bund.de
www.bsi-fuer-buerger.de