Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels

  • Hans Löhr
  • Ahmad-Reza Sadeghi
  • Christian Stüble
  • Marion Weber
  • Marcel Winandy
Conference paper

DOI: 10.1007/978-3-642-00587-9_4

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5471)
Cite this paper as:
Löhr H., Sadeghi AR., Stüble C., Weber M., Winandy M. (2009) Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels. In: Chen L., Mitchell C.J., Martin A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg

Abstract

This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several (international) projects on design and implementation of trustworthy platforms. Our HASK-PP was motivated by the fact that currently no protection profile is available that appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels with inherent attestation).

In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation for these features. Instead, this is left to the definition of the security targets of an IT product which claims conformance to the HASK-PP. Our HASK protection profile was evaluated and certified at evaluation assurance level five (EAL5) by the German Federal Office for Information Security (BSI).

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Hans Löhr (1)
  • Ahmad-Reza Sadeghi (1)
  • Christian Stüble (2)
  • Marion Weber (3)
  • Marcel Winandy (1)

  1. Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany
  2. Sirrix AG, Bochum, Germany
  3. Bundesamt für Sicherheit in der Informationstechnik (BSI), Bonn, Germany