TU Darmstadt / ULB / TUbiblio

Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels

Löhr, Hans and Sadeghi, Ahmad-Reza and Stüble, Christian and Weber, Marion and Winandy, Marcel :
Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels.
In: LNCS , 5471 . Springer
[Conference or Workshop Item] , (2009)

Abstract

This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several (international) projects on design and implementation of trustworthy platforms. Our HASK-PP was motivated by the fact that currently no protection profile is available that appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels with inherent attestation). In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation for these features. Instead, this is left to the definition of the security targets of a an IT product which claims conformance to the HASK-PP. Our HASK protection profile was evaluated and certified at evaluation assurance level five (EAL5) by the German Federal Office for Information Security (BSI).

Item Type: Conference or Workshop Item
Erschienen: 2009
Creators: Löhr, Hans and Sadeghi, Ahmad-Reza and Stüble, Christian and Weber, Marion and Winandy, Marcel
Title: Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels
Language: German
Abstract:

This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several (international) projects on design and implementation of trustworthy platforms. Our HASK-PP was motivated by the fact that currently no protection profile is available that appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels with inherent attestation). In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation for these features. Instead, this is left to the definition of the security targets of a an IT product which claims conformance to the HASK-PP. Our HASK protection profile was evaluated and certified at evaluation assurance level five (EAL5) by the German Federal Office for Information Security (BSI).

Title of Book: Proceedings of the 2nd International Conference on Trusted Computing
Series Name: LNCS
Volume: 5471
Publisher: Springer
Uncontrolled Keywords: Secure Things;Common Criteria, Protection Profile, Security Kernel, Trusted Computing
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Department of Computer Science > System Security Lab
LOEWE > LOEWE-Zentren
Department of Computer Science
LOEWE
Date Deposited: 10 Mar 2016 10:18
Identification Number: TUD-CS-2009-1852
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item