This article is from the Computer Security Evaluation FAQ, by Trusted Product Evaluation Program TPEP@dockmaster.ncsc.mil.
A product evaluated by the Trusted Product Evaluation Program
(TPEP) will have one of several styles of ratings. A product
evaluated against the Trusted Computer System Evaluation
Criteria (TCSEC) will have one of the seven class ratings: A1,
B3, B2, B1, C2, C1, or D (see Section III, Question 4). In
addition, a TCSEC-evaluated product may be evaluated to have met
requirements above its class. These would be specified
additionally, such as "meets the B1 requirements and the B2
Trusted Path requirement." It is very important to note that,
for example, a B1 evaluated system with B2 trusted path
provides significantly less confidence that trusted path is
implemented correctly than a B2 evaluated system. That is to
say that the assurance is always that of the system's rated
class.
Some systems have been evaluated against the Compartmented Mode
Workstation (CMW) criteria. The CMW criteria levy minimum
features and assurances from the TCSEC as well as additional
usability criteria (e.g., specifying that the window system must
manipulate windows at multiple levels in certain ways). The
TPEP has treated these systems as standard TCSEC evaluations
with additional requirements. From a security perspective, the
CMW requirements do not preclude a B2 or higher CMW; however,
to this point all CMW evaluated systems are B1 evaluated with
additional TCSEC features above the evaluated class.
Another form of rating is a Trusted Network Interpretation
(TNI) component (see Section III, Question 5) rating. TNI
component ratings specify the evaluated class as well as which
of the four basic security services the evaluated component
provides. Thus, a B2-MD component is one that provides both
Mandatory Access Control (MAC) and Discretionary Access Control
(DAC). A B1-MDIA component is one that provides MAC, DAC,
Identification and Authentication, and Audit. Since a B1-MDIA
component meets all the Trusted Computer System Evaluation
Criteria (TCSEC) requirements for B1, it is likely that this
component is also evaluated as a B1 system if it can be used in
a non-network configuration.
A third form of rating is a Trusted Database Interpretation
(TDI) rating. This rating is the same as a TCSEC rating except
that the rating applies to the composite of the evaluated
application and each of the listed underlying systems.
Finally, products evaluated against the Computer Security
Subsystem Interpretation (CSSI) of the TCSEC have been given
variations of D division (see Question 4) ratings. These
appear, for example, as I&A/D2, Audit/D1, DAC/D3, and OR/D.
These products all have very low assurance regardless of the
features.
 