Evaluation

Question 1

What is the purpose of evaluation in system security?

Answer 1

Evaluation is a process where the evidence for assurance is gathered and analyzed. This process gives us a measure of trust, i.e., the extent to which the system satisfies the defined security criteria.

Question 2

What does a formal evaluation methodology provide?

Answer 2

A formal evaluation methodology provides:

• A set of requirements defining the security functionality for the system.
• A set of assurance requirements that specify the steps for analyzing the assurance evidence.
• A methodology for determining whether the system meets the security requirements based on the analysis of the assurance evidence.
• A measure of the evaluation result, level of trust, which indicates how trustworthy the system is with respect to the requirements.

Question 3

What are typically the targets of an evaluation (what is being evaluated)?

Answer 3

The target can either be:

• A product, i.e., software, hardware, firmware.
• A system which is a collection of products.

Question 4

What are the two situations evaluation methods should try to prevent? What requirements are enforced to stop this?

Answer 4

Firstly, an evaluated system should not be determined to to contain serious flaw after an evaluation.

Secondly, different evaluations of the same system/product should not disagree in their assessment.

To prevent this from happening, the following requirements are enforced on evaluation methods:

• Repeatability: re-evaluation by the same team gives the same results.
• Reproducability: re-evaluation by a different team gives the same results.

Question 5

What are some of the most famous evaluation methodologies?

Answer 5

1. The Orange Book, better known as TCSEC.
2. The German, French, and the British criteria.
3. Information Technology Security Evaluation Criteria, also known as ITSEC.
4. The Canadian criteria and the Federal criteria.
5. The Common Criteria, also known as CC.