检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《清华大学学报(自然科学版)》2016年第5期493-498,共6页Journal of Tsinghua University(Science and Technology)
基 金:国家自然科学基金资助项目(61202493)
摘 要:通用评估准则(CC)未论述安全架构及策略模型这2个保障要求的具体分析方法,因而不利于实际的安全评估工作。为此,首先从设计分解的角度论述了CC的基本评估模型,将安全功能(TSF)从内涵功能和元功能2个角度进行定义,以此论述安全架构设计的意义,并基于脆弱性分析活动来描述安全架构及评估方法。其次,从论述保护轮廓(ST)与功能规范(FSP)的逻辑差距出发,描述了形式化安全策略模型的意义,并提出了对TSF要求进行(半)形式化的方法来弥补此差距的途径。由于等同于CC v3.1标准的国标GB/T18336即将在中国推行,该文结论将有助于改进后续的安全评估工作。The Common Criteria (CC) does not adequately explain the security architecture and policy model requirements which hinders security evaluations. This paper classifies the requirements through a general CC evaluation model based on design decomposition. The analysis then categorizes the TOE security functionality (TSF) as the TSF meta-functionality and the TSF obligatory functionality to demonstrate the need for justifying the security properties in the architecture design. Then, security architecture description and evaluation approaches are described for vulnerability analysis activity. Then, this paper describes the need for formalizing the security policy model based on observations of the logical gap between the security target (ST) and the functional specification (FSP) requirements. A (semi-) formalization of the security functional requirements is given to bridge the gap. The national standard GB/T18336 (the Chinese version of CC v3.1) will be adopted soon in China, so the analysis in this paper is needed to improve security evaluation activities.
关 键 词:CC评估 安全架构 TSF元功能 TSF内涵功能 安全策略模型
分 类 号:TP309.2[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.133.141.175