RE: Expertise, Resources, and Motivation of Attackers



First, I think that while a SOF claim may not be applicable when there are
no permutational or probabilistic mechanisms, STs and PPs should be clear in
identifying that there are no relevant claims.

Second, I find the comment about PP authors not being able to determine
whether there will be permutational or probabilistic mechanisms in conforming
TOEs somewhat interesting. Permutational and probabilistic mechanisms are
inherently less trustworthy than absolute mechanisms. If a PP author
includes only requirements that seem to be absolute in nature, it seems
wrong that an ST author could satisfy such a requirement with a
permutational or probabilistic mechanism. Basically, the result would be to
replace the assurance gained by the assurance level selected by the PP
author with an SOF analysis (at a level also chosen by the PP author). One
possibility is that a "flaw" in an otherwise absolute mechanism could be
argued to be probabilistic if its SOF (i.e., the probability someone could
actually exploit the flaw) is high enough. This can certainly be mitigated
by the PP author by selecting a high SOF when they do not expect or desire
permutational or probabilistic solutions. However, I wonder whether there
should be some way the PP author can specify that permutational or
probabilistic mechanisms are not allowed.

> -----Original Message-----
> From: NIAP Interpretations Board [mailto:ccevs-nib@nist.gov]
> Sent: Monday, February 24, 2003 1:58 PM
> To: Multiple recipients of list
> Subject: Re: Expertise, Resources, and Motivation of Attackers
> 
> 
> 
> The NIB would like to add that, for CCEVS evaluations of an ST that contains no
> permutational nor probabilistic mechanisms, an SOF claim is not applicable.
> This guidance is captured in CCEVS precedence decision PD-0086 (located at:
> http://niap.nist.gov/cc-scheme/PD/0086.html).  Also, as indicated in PD-0048
> (http://niap.nist.gov/cc-scheme/PD/0048.html) a PP author generally cannot
> determine that a compliant ST will not contain permutational nor probabilistic
> mechanisms.  Therefore an SOF claim is generally required for PPs.
> 
> 
> 


