TU Darmstadt / ULB / TUbiblio

Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels

Löhr, Hans ; Sadeghi, Ahmad-Reza ; Stüble, Christian ; Weber, Marion ; Winandy, Marcel :
Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels.
In: LNCS , 5471 . Springer
[Konferenz- oder Workshop-Beitrag], (2009)

Kurzbeschreibung (Abstract)

This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several (international) projects on design and implementation of trustworthy platforms. Our HASK-PP was motivated by the fact that currently no protection profile is available that appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels with inherent attestation). In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation for these features. Instead, this is left to the definition of the security targets of a an IT product which claims conformance to the HASK-PP. Our HASK protection profile was evaluated and certified at evaluation assurance level five (EAL5) by the German Federal Office for Information Security (BSI).

Typ des Eintrags: Konferenz- oder Workshop-Beitrag (Keine Angabe)
Erschienen: 2009
Autor(en): Löhr, Hans ; Sadeghi, Ahmad-Reza ; Stüble, Christian ; Weber, Marion ; Winandy, Marcel
Titel: Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels
Sprache: Deutsch
Kurzbeschreibung (Abstract):

This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several (international) projects on design and implementation of trustworthy platforms. Our HASK-PP was motivated by the fact that currently no protection profile is available that appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels with inherent attestation). In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation for these features. Instead, this is left to the definition of the security targets of a an IT product which claims conformance to the HASK-PP. Our HASK protection profile was evaluated and certified at evaluation assurance level five (EAL5) by the German Federal Office for Information Security (BSI).

Buchtitel: Proceedings of the 2nd International Conference on Trusted Computing
Reihe: LNCS
Band: 5471
Verlag: Springer
Freie Schlagworte: Secure Things;Common Criteria, Protection Profile, Security Kernel, Trusted Computing
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > Systemsicherheit
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
LOEWE
Hinterlegungsdatum: 10 Mär 2016 10:18
ID-Nummer: TUD-CS-2009-1852
Verwandte URLs:
Export:

Optionen (nur für Redakteure)

Eintrag anzeigen Eintrag anzeigen