Orange Book

The document discusses the Trusted Computer System Evaluation Criteria (TCSEC), also known as the Orange Book. It provides metrics to classify computer systems based on their security level from D to A1, with A1 being the most secure. The Orange Book establishes requirements for security policy, accountability, assurance, and documentation to evaluate how trustworthy a system is.

TCSEC: The Orange Book

TCSEC Purpose
• Trusted Computer System Evaluation Criteria
• Purpose:
  • Provides the basic requirements for assessing the effectiveness of computer security controls built into a computer system.
  • Used to evaluate, classify, and select systems being considered as platforms for computing resources.
TCSEC: Orange Book
• Metrics – provides a metric (classification) for determining the level of trust assigned to a computing system.
• Guidance – provides guidance on how to design a trusted computing system along with its associated data and services.
Orange Book: Metrics
• Measurement of a system's security is quantified using a classification system.
• The classes are:
  • D
  • C1 & C2
  • B1, B2, B3
  • A1
• A is more secure than D
• 2 is more secure than 1.
Orange Book: Metrics
• D applies to any system that fails to meet any of the higher level security classes.
• The other levels have increasing security requirements.
• A1 systems are rare.
Metrics: C1
• Identification and authentication (user id & password)
• Separation of users and data
• DAC – capable of enforcing access controls
• Example: Basic Unix/Linux OS
Metrics: C2
• C1 plus
• More sophisticated DAC
• Audit trails
• System documentation and user manuals.
Metrics: B1
• C2 plus
• Use of hierarchical sensitivity labels
• Discovered weaknesses must be mitigated
Metrics: B2
• B1 plus
• Security policy must be defined and documented
• Access controls for all subjects and objects
Metrics: B3
• B2 plus
• Automated imminent intrusion detection, notification and response.
Metrics: A1
• B3 plus
• System is capable of secure distribution (can be transported and delivered to a client with the assurance of being secure)
Orange Book Security Criteria
• Security Policy
• Accountability
• Assurance
• Documentation
1. Security Policy
• The set of rules and practices that regulate how an organization manages, protects, and distributes information.
1. Security Policy
• The policy is organized into subjects and objects.
• Subjects act upon objects
  • Subjects – processes and users.
  • Objects – data, directories, hardware, applications
• A well defined protocol determines if a subject can be permitted access to an object.
2. Accountability
• The responsibilities of all who come in contact with the system must be well defined.
  • Identification (… the process to identify a user)
  • Authentication (… as in, authenticated to access specific resources)
  • Auditing (… accumulating and reviewing log information; all actions can be traced to a subject)
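The subject/object access decision and the audit requirement described above, sketched as an added example (not part of the original slides). The class and level names are hypothetical, and the read-down/write-up label rule is the Bell-LaPadula model, which the slides do not name.

```python
from dataclasses import dataclass, field

# Hierarchical sensitivity labels, lowest to highest (level names are assumed).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

@dataclass
class Subject:
    user_id: str      # identification: every decision is tied to this id
    clearance: str    # highest label this subject is trusted to handle

@dataclass
class Obj:
    name: str
    label: str                                # sensitivity label on the object
    acl: dict = field(default_factory=dict)   # DAC: user_id -> set of modes

class ReferenceMonitor:
    """Hypothetical mediator: every access request passes through check()."""

    def __init__(self):
        self.audit_log = []   # audit trail: one record per decision

    def check(self, subject, obj, mode):
        if mode not in ("read", "write"):
            raise ValueError(f"unknown access mode: {mode!r}")
        # Discretionary check: the object's ACL must grant this mode.
        dac_ok = mode in obj.acl.get(subject.user_id, set())
        # Label check (Bell-LaPadula, assumed): read down, write up.
        s, o = LEVELS[subject.clearance], LEVELS[obj.label]
        label_ok = s >= o if mode == "read" else s <= o
        allowed = dac_ok and label_ok
        reason = "granted" if allowed else ("dac" if not dac_ok else "label")
        self.audit_log.append((subject.user_id, obj.name, mode, allowed, reason))
        return allowed

def demo():
    """Run constructed requests and return the resulting audit trail."""
    alice, bob = Subject("alice", "SECRET"), Subject("bob", "CONFIDENTIAL")
    carol = Subject("carol", "TOP SECRET")
    payroll = Obj("payroll.db", "SECRET",
                  {"alice": {"read", "write"}, "bob": {"read"}})
    memo = Obj("memo.txt", "CONFIDENTIAL", {"alice": {"write"}})
    rm = ReferenceMonitor()
    rm.check(alice, payroll, "read")    # granted: ACL entry and clearance
    rm.check(bob, payroll, "read")      # denied: label above bob's clearance
    rm.check(alice, memo, "write")      # denied: would write to a lower label
    rm.check(carol, payroll, "read")    # denied: cleared, but no ACL entry
    return rm.audit_log
```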
3. Assurance
• The reasonable expectation that the security policy of a trusted system has been implemented correctly.
• Assurance is organized into
  • Operational assurance
  • Life-cycle assurance
3a. Operational Assurance
• Security policy is maintained in the overall design and operation of the system.
• Example: Users of the system have an assurance that access controls are enforced
3b. Life-cycle Assurance
• Ensuring the system continues to meet the security requirements over the lifetime of the system.
• Updates to the software and hardware must be considered
• The expectation that the system remains operational (is available) over its lifetime
4. Documentation Requirements
• Security Features User's Guide
• Trusted Facility Manual
• Test Documentation
• Design Documentation
Documentation: Security Features User's Guide
• Aimed at the ordinary (non-privileged) users.
• General usage policy
• Instructions on how to effectively use the system
• Description of relevant security features
Documentation: Trusted Facility Manual
• Aimed at the S.A. staff
• How the system is configured and maintained
• Includes the day-to-day required activities
Documentation: Test Documentation
• Instructions on how to test the required security mechanisms
Documentation: Design Documentation
• Define the boundaries of the system
• A complete description of the hardware and software.
• Complete system design specifications
• Description of access controls
The Orange Book
• The Orange Book has been superseded by the Common Criteria
