Common Criteria Methodology

Lab Overview.  This tutorial will introduce you to The Common Criteria (CC), which comprises two parts.  The first part is a structure and language for expressing product/system IT security requirements (Part 1).  The second part is a catalog of standardized IT security requirement components and packages (Parts 2 and 3).  In this tutorial you will evaluate a Protection Profile (PP), Security Target (ST), and Target of Evaluation (TOE), which require you to use CC Part 1.  After evaluating a product you will have to generate your own ST for a product. 

This tutorial is divided into five sections.  The first goes over what resources is required to complete this tutorial and asks some preliminary questions.  The second describes general evaluation guidelines, that include PP, ST, and TOE.  The third section covers the evaluation of functional requirements of TOE.  The final two sections are the tutorial questions and references.  This lab is used in IS2820/TELECOM2813 Security Management

Resources for Tutorial.  To complete this tutorial you will need the following:

PC running on the Windows 2000 operating system with Administrator privileges. 
Access to the Internet is also required to view resources.  

Preliminary Questions. 

1. What is the difference between Protection Profile (PP) and Security Target (ST)?   CC provides a common ground on which products may be evaluated. The PP and ST play major roles in determining the functional as well as assurance requirements. What purposes do PP an ST serve?

2. How is the Evaluation Assurance Level (EAL) of a product determined? Products may be evaluated for various levels of assurance depending upon the capability of the product. What are the factors that help determine the appropriate EAL level for which any product should be evaluated?

3. What is the process of validating a product? CC follows a rigorous methodology in validating a product called the CEM. How is the methodology used to ensure that the validation is correct and complete?

4. How is the TOE Security Function (TSF) for a product evaluated?
The activities involved in validating a product comprises of evaluating whether or not the product satisfies the TSFs. What are the work units that are performed in this process?

Lab objectives. 

Part A: Evaluation of PP, ST, and TOE.

1. Evaluate a given PP from [1]. (refer to Part IV, section A for evaluation guidelines)

2. Evaluate a given ST from [2]. (refer to Part IV, section A for evaluation guidelines)

3. Evaluate the TSF of Windows 2000 operating system using the ST given in [2]. (refer to Part IV, section B for TSF evaluation guidelines)

Part B: Generation of ST.

1. Generate ST for the product: Cisco PIX 501 Firewall, given PP from [1].  (refer to CC documentation also discussed in class)