Title :
Integrating cryptography into trusted systems: A criteria approach
Author :
Brierley, William
Author_Institution :
Commun. Security Establ., Ottawa, Ont., Canada
fDate :
30 Nov-4 Dec 1992
Abstract :
The rationale behind the requirements for cryptographic implementations which have been integrated into version 3.0 of the Canadian trusted computer products evaluation criteria (CTCPEC) are presented. It is argued that an integrated set of requirements for cryptography is an essential step toward bridging the gulf between communications and computer security. A brief overview of the CTCPEC is given, with particular emphasis on those features of the CTCPEC which facilitated the development of security requirements for cryptographic modules. The scope of the security requirements for cryptographic modules and the structure of the security requirements document are discussed. The requirements on the implementation of a cryptographic module are addressed. The requirements for the integration of cryptographic modules into INFOSEC products are described. A summary of the project is provided
Keywords :
cryptography; operating systems (computers); software reliability; CTCPEC; Canadian trusted computer products evaluation criteria; INFOSEC products; communications; computer security; cryptographic implementations; security requirements; trusted systems; Communication system security; Computer architecture; Computer networks; Computer security; Costs; Cryptography; Information security; NIST; Portable computers; Product design;
Conference_Titel :
Computer Security Applications Conference, 1992. Proceedings., Eighth Annual
Conference_Location :
San Antonio, TX
Print_ISBN :
0-8186-3115-5
DOI :
10.1109/CSAC.1992.228236