TU Darmstadt / ULB / TUbiblio

Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels

Löhr, Hans ; Sadeghi, Ahmad-Reza ; Stüble, Christian ; Weber, Marion ; Winandy, Marcel (2009)
Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels.
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several (international) projects on design and implementation of trustworthy platforms. Our HASK-PP was motivated by the fact that currently no protection profile is available that appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels with inherent attestation). In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation for these features. Instead, this is left to the definition of the security targets of a an IT product which claims conformance to the HASK-PP. Our HASK protection profile was evaluated and certified at evaluation assurance level five (EAL5) by the German Federal Office for Information Security (BSI).

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2009
Autor(en): Löhr, Hans ; Sadeghi, Ahmad-Reza ; Stüble, Christian ; Weber, Marion ; Winandy, Marcel
Art des Eintrags: Bibliographie
Titel: Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels
Sprache: Deutsch
Publikationsjahr: April 2009
Verlag: Springer
Buchtitel: Proceedings of the 2nd International Conference on Trusted Computing
Reihe: LNCS
Band einer Reihe: 5471
Zugehörige Links:
Kurzbeschreibung (Abstract):

This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several (international) projects on design and implementation of trustworthy platforms. Our HASK-PP was motivated by the fact that currently no protection profile is available that appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels with inherent attestation). In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation for these features. Instead, this is left to the definition of the security targets of a an IT product which claims conformance to the HASK-PP. Our HASK protection profile was evaluated and certified at evaluation assurance level five (EAL5) by the German Federal Office for Information Security (BSI).

Freie Schlagworte: Secure Things;Common Criteria, Protection Profile, Security Kernel, Trusted Computing
ID-Nummer: TUD-CS-2009-1852
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > Systemsicherheit
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
LOEWE
Hinterlegungsdatum: 10 Mär 2016 10:18
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Zugehörige Links:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen