Because secure products and software create competitive advantage

CERTIFIED SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA

Upload: labsharegroup

Post on 23-Jan-2018


CONTENT

CC IN A NUTSHELL

CC BACKGROUND

AIM AND GOAL OF CC

ADVANTAGES OF CC

WHY DO WE RECOMMEND CC TO DEVELOPERS?

WHEN IS CC THE RIGHT CHOICE?

EVALUATION PROCESS

EVALUATION ASSURANCE LEVELS

GEOGRAPHICAL COVERAGE

WHAT DO WE OFFER?

COMMON CRITERIA IN A NUTSHELL

Common Criteria is a security evaluation and certification programme that assures that certified products resist threats and are functionally trustworthy.

The Common Criteria Scheme is unique because it is accepted all over the world through the governmental association called CCRA (Common Criteria Recognition Agreement), of 25 countries at the moment, and also, with varying conditions, through other associations such as SOGIS (Senior Officials Group Information Systems Security), a European governmental group.

It is also unique because the standard is not about actual security requirements, but is a set of rules about how to create a requirement list fitted to a product line, called a Protection Profile, which can be refined into a specific security standard for an actual product, called a Security Target. The product is evaluated and certified against this document.

COMMON CRITERIA BACKGROUND

The Common Criteria has been alive and working for 16 years now, which is a long time in security.

It is constantly renewed and rethought; a new release of its version 3.1 is coming soon, before the end of 2015.

During the International Common Criteria Conference 2015 in Windsor, both the EU and NATO reconfirmed that they support and use Common Criteria in their procurements to make sure that the products they buy and use are secure.

This is the final filter, as it means that it is fit even for military use.

AIM AND GOAL OF COMMON CRITERIA

The original goal of Common Criteria was to give customers a method for specifying the security requirements of products according to their needs and in a standardized way, so that manufacturers and developers could specify and develop products according to those requirements, conformant both to the customer needs and to the security requirements.

This original aim has been slightly transformed since, as international organizations define the requirements of product categories according to the Common Criteria.

The certifications according to these requirement frameworks are an assurance that the certified products resist the threats and are also functionally trustworthy.

The other aim was, and this has remained, that mutually recognized product categories be developed all around the world and accepted everywhere.

The headlines in connection with the protected data of evaluated products are confidentiality, integrity and availability.

In summary, the standard assesses the aim of the product and its physical and logical environment, and gives a standardized approach through assumptions, threats and policies, which are the security objectives, to choose security requirements (functional, assurance and environmental), and these will be the requirements of the product. The aim of the certification is to prove that the product conforms to the requirements.

ADVANTAGES OF COMMON CRITERIA

Some of the main advantages of Common Criteria are:

• The standard was created by reviewing the previously existing methods; it is widely used and accepted.

• Because of the independent evaluations, products evaluated according to certain requirement collections (called Protection Profiles) are comparable.

• You can offer assuredly reliable and secure products, which the market will accept without any doubt, provided you have a Certificate.

• The products will comply with the continuously increasing security needs.

• The product will be accepted in most countries if it has a Certificate.

• International and government procurements frequently require a CC Certificate.

WHY DO WE RECOMMEND CC TO DEVELOPERS?

1. Common Criteria is a standard about Information Technology Security Evaluation which is true to its name: commonly accepted all over the world, in 25 countries.

2. The standard defines a construct for creating the system of the product security, in an implementation-independent structure called a Protection Profile, or in an implementation-dependent structure called a Security Target, giving the possibility to create a truly product-fitting security requirement construct.

3. The security requirements are set up in a system based on the assets of the product and the threats to be countered, taking into consideration the security policies and assumptions and satisfying the security objectives, thus producing an effective security system.

4. If the requirements cannot be chosen from the predefined set, there is a possibility and a defined method to create entirely new requirements.

5. The product is made more secure during the evaluation process, in which the observations of evaluation experts help the developers.

6. There are 7 predefined evaluation depths called Evaluation Assurance Levels, and a possibility to create new ones, giving the chance to conduct the evaluation method best fit for the needs of developers or customers.

7. The evaluated and certified products can be compared by the customers.

8. The customer recognition of the certified product is higher, because the evaluation and certification experts are trusted by the consumers.

9. There are many tenders where the customers ask for a Common Criteria Certificate of the product. During the ICCC 2015 conference, both the EU and NATO backed up Common Criteria, stating that the CC Certifications played and will play a significant role in the procurements of the associations.

10. There are already more than 2500 certified products.

11. Common Criteria certification is a mandatory requirement for a growing number of applications.

WHEN IS CC THE RIGHT CHOICE?

Common Criteria is a great choice for a wide range of applications.

We especially recommend it for:

• Card applets (ID cards, access cards, signature cards, etc.)

• Detection Devices and Systems (Log analysers, Vulnerability managers, etc.)

• Data Protection Software (Backup solutions, Cryptographic solutions, etc.)

• Access control systems (Access analysers, Authentication systems, Policy managers, etc.)

• Boundary Protection Systems (Software firewalls, Secure messaging platforms, etc.)

• Other systems (Smart Metering, Smart devices, Mobile computing, RFID systems, etc.)

Some other recommended areas of application include:

• Access Control Devices and Systems

• Biometric Systems and Devices

• Boundary Protection Devices and Systems

• Data Protection

• Databases

• Detection Devices and Systems

• ICs, Smart Cards and Smart Card-Related Devices and Systems

• Key Management Systems

• Multi-Function Devices

• Network and Network-Related Devices and Systems

• Operating Systems

• Products for Digital Signatures

EVALUATION AND CERTIFICATION PROCESS

The evaluation and certification methodology can be found in the document called Common Evaluation Methodology, and in the chosen National Scheme documents. It is important to clarify the roles at the beginning of the process.

The Certification process is not necessarily about the compliance of the product; the documents containing the requirements (the Protection Profile or Security Target) can also be certified.

If the development has been done according to already certified documents, the evaluation assurance levels are determined before the beginning of the certification, and with this decision the mandatory documents are also determined.

This step is followed by the schedule of the evaluations.

If the schedule is accepted by both parties, the evaluators examine the target of the evaluation against the requirements, one by one. If there are non-conformities or doubts, the evaluators communicate these to the developer.

Usually the developer has the opportunity to address the non-conformities during the evaluation. The revisions naturally lead to repeated evaluations.

The results of the evaluations will appear in Evaluation Reports, on the basis of which the Certification Body of the chosen scheme can issue the Certificate.

EVALUATION ASSURANCE LEVELS (EALs)

The Evaluation Assurance Levels (EALs) provide an increasing scale that balances the level of assurance obtained with the cost and feasibility of acquiring that degree of assurance.

The CC approach identifies the separate concepts of assurance in a TOE (Target of Evaluation) at the end of the evaluation, and of maintenance of that assurance during the operational use of the TOE.

There are 7 predefined EALs and the possibility to create new custom levels as well.

Generally it can be stated that the highest attainable assurance level for commercial products is EAL4.

It is customary to indicate only the evaluation assurance level along with the fact that the product is certified, but it is also advisable to list the Protection Profile containing the general requirements, or even the Security Target containing the requirements tailored to the special needs of the product.

The predefined EAL levels are the following:

• EAL1: functionally tested

• EAL2: structurally tested

• EAL3: methodically tested and checked

• EAL4: methodically designed, tested, and reviewed

• EAL5: semiformally designed and tested

• EAL6: semiformally verified design and tested

• EAL7: formally verified design and tested

GEOGRAPHICAL COVERAGE

The geographical coverage is split according to the certification capability of the participant states.

There are Certificate Providers (Australia, Canada, France, Germany, Italy, India, Japan, Malaysia, the Netherlands, New Zealand, Norway, South Korea, Spain, Sweden, Turkey, the United Kingdom and the United States), and Certificate Consumers (Austria, Czech Republic, Denmark, Finland, Greece, Hungary, Israel, Pakistan).

Our software evaluation laboratory, CCLAB - Systrans, is accredited through the Italian Scheme.

WHAT DO WE OFFER?

We are the only CC accredited lab in the whole of Central Europe. There are no other licensed laboratories for another 765 km to the West, 1000 km to the South or the North, and 8000 km to the East.

We are licensed under the Italian Scheme, which is part of both the CCRA and the SOGIS.

We are licensed up to the Evaluation Assurance Level (EAL) 4+, which is most probably the highest level you will need.

Due to the Central European labor cost landscape, our Laboratory can offer higher proficiency paired with competitive prices, and we mean it!

CONTACT US FOR A CONSULTATION:

WEB: dosell.io

EMAIL: [email protected]

PHONE: +36 30 836 4099

LET US MANAGE YOUR COMMON CRITERIA CERTIFICATION PROJECT!