Chapter 9 - Information Systems Evaluation Models

Question 1

Common Criteria

Answer 1

Common Criteria (CC) refers to the international standard, ISO 15408, which provides a framework for the specification, implementation, and evaluation of security requirements in information technology systems. Superseding TCSEC and ITSEC, systems (referred to as Target Of Evaluation or TOE) are assessed based on one of seven Evaluation Assurance Levels (EALs), ranging from EAL1 (Functionally Tested) to EAL7 (Formally Verified Design and Tested). The evaluation process is costly and can take up to two years and US$350,000 for levels EAL2 through EAL4.

Question 2

TCSEC

Answer 2

The Trusted Computer Security Evaluation Criteria (Orange book in the Rainbow Series) outlines criteria for evaluating the confidentiality of information in systems. TCSEC identifies four main security protection levels with additional sublevels:

• A: Verified protection
• B: Mandatory protection (with sublevels B3: Security domains, B2: Structured protection, B1: Labeled security)
• C: Discretionary protection (with sublevels C2: Controlled access, C1: Discretionary protection)
• D: Minimal security

TCSEC was later replaced by the Common Criteria.

Question 3

TNI

Answer 3

The Trusted Network Interpretation evaluation criteria (Red Book in the rainbow series) is used to evaluate confidentiality and integrity in trusted communications networks

Question 4

ITSEC

Answer 4

Information Technology Security Evaluation Criteria (ITSEC) is the European standard for the security evaluation of systems. Whereas TCSEC addresses only data confidentiality, ITSEC addresses confidentiality as well as integrity and availability.

ITSEC uses two sets of security levels (functionality and evaluation) that map to TCSEC’s levels.

ITSEC has also been superseded by the Common Criteria

Question 5

SEI-CMMI

Answer 5

The Software Engineering Institute Capability Maturity Model Integration is a model to objectively assess the maturity of an organisation’s systems engineering practices.

The objective of an organization’s assessment is to arrive at a rating of maturity levels, which
are:

• Level 0: Incomplete. Processes are incomplete and many activities are performed ad hoc if at all.
• Level 1: Performed. Processes are documented and performed.
• Level 2: Managed. Processes are managed and supported with skilled workers and tools.
• Level 3: Defined. Processes are defined according to a standard process framework model.
• Level 4: Quantitatively Managed. Processes are measured and managed according to the results of those measurements.
• Level 5: Optimising. Processes are measured and changed over time in order to improve them.

Question 6

SSE-CMM

Answer 6

The Systems Security Engineering Capability Maturity Model (SSE-CMM) is a process evaluation reference model that is focused on the requirements for implementing security in a system.
SSE-CMM has five levels of performance:

• Capability Level 1—Performed Informally
• Capability Level 2—Planned and Tracked
• Capability Level 3—Well Defined
• Capability Level 4—Quantitatively Controlled
• Capability Level 5—Continuously Improving