I am often asked this question: how can I evaluate the security of a software system? One answer is: do we have specialized software security evaluation standards and institutions? Yes, we do. There is the international standard Common Criteria (ISO/IEC 15408) and the corresponding national standard GB 18336, and there are specialized evaluation bodies, such as Common Criteria labs and the China Information Security Product Evaluation and Certification Center. It would seem that we only need to prepare the relevant documents according to the standard and hand the software over to an evaluation agency. But is it really that simple? For example, Microsoft's Windows 2000 received EAL4+ certification under Common Criteria, yet it still needed a large number of security patches. What is the problem?

Let's look at how Common Criteria evaluates the security of a software system. First, the Protection Profile (PP) of the product is determined. A PP defines a template of security features for a class of products, for example a database PP or a firewall PP. Then, based on the PP, specific security functional requirements are proposed, such as how user identity authentication is to be implemented. Next, the product's Security Target is defined, describing how the product meets those security functional requirements. In other words, Common Criteria mainly focuses on the software's high-level design. The specific coding, implementation, and deployment are not covered. Measured against SD3, namely secure design, secure development, and secure deployment, it leaves the problem unsolved.

On the other hand, the end user's core concern is simply "is this software secure?" From the user's point of view there is no difference in final impact between a security vulnerability introduced at design time and one introduced during implementation. Common Criteria's lack of assessment of software implementation and deployment can be said to be the biggest challenge facing CC. In addition, Common Criteria requires a large volume of documentation and long evaluation cycles, which greatly reduces its usefulness for enterprises and individual users who want to evaluate software security. For example, the evaluation cycle for a product is sometimes 2-3 years; by the time the evaluation result comes out, the old product has already been replaced by a new one.

To evaluate (and improve) the security of a software system, you must start from all three phases: design, implementation, and deployment. Currently, Microsoft's Security Development Lifecycle (SDL) provides a reference approach based on Microsoft's development model. It is not an evaluation or testing standard like CC, but it shows how the security of software implementation and deployment can be evaluated effectively (for example, through fuzz testing).