I INF 306 Lecture Notes - Lecture 8: Trusted Computing Base, Trusted Computer System Evaluation Criteria, Itsec

Protection mechanisms: process isolation, principle of least privilege, hardware segmentation, layering, abstraction, data hiding. Trusted computer system evaluation criteria: orange book , one volume in the rainbow series developed in 1983 by the us. Division d: minimal protection, i. e. , has been evaluated but does not meet the requirements for a higher evaluation class. Division a: verified protection: beyond a1 beyond current technology, class a1 verified design. Division b: mandatory protection: class b3 security domains, class b2 structured protection, class b1 labeled security protection. Tcsec class d and itsec e0 are, effectively, no security. The target of evaluation (toe) which is the system that is the subject of evaluation. The protection profile (pp) which specifies a required set of security features and assurance requirements for systems to satisfy that profile. The security target (st) which defines the functional and assurance measures of the toe security that are to be valuated, perhaps satisfying one or more pps.