ST作成の手引

Size: px

Start display at page:

Download "ST作成の手引"

ひでかおおかわち
4 years ago
Views:

2 ST ST ST ST ST CC TOE TOE TOE IT TOE TOE TOE IT TOE TOE TOE PP PP PP PP PP 2

3 ISO/IEC 15408( 1999) Evaluation Criteria for IT SecurityCC JIS X5070(2000) ST CC ST ST CC ST ST CC IT CCCommon Criteria for Information Technology Security Evaluation CEM(Common Methodology for Information Technology Security Evaluation) CEM ST ST CC CEM JIS X5070(2000) ISO/IEC (1999): Evaluation Criteria for IT Security Part1:Introduction and general model ISO/IEC (1999): Evaluation Criteria for IT Security Part2:Security functional requirements ISO/IEC (1999): Evaluation Criteria for IT Security Part3:Security assurance requirements Common Methodology for InformationTechnology Security Evaluation Part2 CCIMB Interpretations

4 ISO/IEC PDTR Guide for the production of PPs and STs, Version JISEC IC 1.0 4

5 ST TOE IT CC IT,/ CC IT CC ST PP CC CC ST TOE ST TOE CEM (CEM CC (: (ACL)) TOE TOE PPSTCC 5

6 STCC TOE TOE CC TOE TOE 6

7 ST - TOE - TOE - TOE CEM TOE IT TOE TOE ST TOE ST TOE //// ST ST ST ST ST ST TOE TOE / ST TOE ST ST ST JIS X5070 C 7

8 CC 2 3 ST TOE TOE ST TOE ST ST ST ST CEM XX CEM XX ST 2.2 TOE XX ST 8

9 TOE CC TOE TOE TOE TOE TOE 1. ST 9

10 TOE TOE TOE TOE TOE TOE TOE TOE TOE TOE TOE TOE 10

11 TOE TOE TOE CC ISO/IEC TR Guidelines for Management of IT Security 11

12 ST ST ST(ASE_INT 1-6) STTOETOE ST STTOE ST (ASE_INT.1-1) ST ST TOE TOE CC TOE EAL CC CCIMB Interpretations-0407 TOE PP Consistency Guidance for Medium Robustness TOE TOE ST ABC ST 1.03 ST

13 ABC TOE ABC TOE1.1 CCCC V ST TOE CC ST TOE TOEST ASE_INT.1-2 TOE ST CESG Oracl 7 EAL4 OS Oracl 7 Release EAL4 CC TOECCASE_INT.1-3 PPPP CC

14 CC ST (ASE_INT.1-5) CC 2.1 CC 2.1 EAL3 ADV_SPM.1, AVA_VLA.2 14

15 TOE TOE CC ASE_DES.1-1 TOETOE TOE TOE TOE ASE_DES.1-2 TOE / TOETOE TOEASE_DES.1-3 TOETOE TOE TOE TOEASE_DES.1-4 TOEASE_DES.1-5 TOE(ASE_DES.1-6) TOE TOE TOE TOE TOE TOE TOE ST TOE TOE 2.3TOE 2.5 TOE TOE TOE TOE TOE 15

16 TOE TOE TOE TOE TOE TOE ST CC IT TOE TOE / TOE TOE TOE TOE TOE TOE TOE ST TOE TOE TOE TOE TOE TOE TOE TOE TOE TOE TOE 16

17 TOE CC TOE ST TOE TOE IT TOE TOE (CC) TOE TOE TOE CC IT IT TOE TOE () CC TOE ASE_ENV.1-4 TOE ASE_ENV

18 TOE TOE TOE TOE TOETOE TOE TOE / TOE TOE () TOE - ST TOE ST - ST TOE 2 a. b. 18

19 IC IC ASE_ENV.1-1 TOE TOETOE TOE TOE TOETOE TOETOETOEIT TOE - TOETOETOE TOE 19

20 TOETOE TOE TOE IT TOETOE TOETOE TOETOE TOE TOE TOE TOE TOE TOE TOE TOE TOE TOE TOE LAN LAN 20

21 TOE TOE IT TOE TOE IT TOE TOE IT () LOCATE TOE A.ADMIN TOE A.FIREWALL A.LOCATE ST TOE CC IT 21

22 TOE CC ASE_ENV.1-2 TOE TOE TOE TOE TOE TOE TOE / TOE TOE 22

23 TOE IT TOE TOE TSF TOE TOE ASE_ENV.1-2 ST TOE TOE TOE 23

24 T.ACCESS TOE SQL T.NETWORK LAN LAN T.ADMIN TOE TOE TOE ASE_ENV.1-3 / TOE ST TOE TOE TOE TOE TOE 24

25 TOE P.PRIVACY xx P.ACCESS P.AUDIT XX XX 1 P.SECREQ XX XX XX TOE 25

26 TOE CC TOE TOE IT TOE CC - - TOE TOE ASE_OBJ.1-1 ASE_OBJ.1-8 TOE TOE TOE TOE TOE 26

27 TOE TOE TOE 3 TOE TOE 1 TOE TOE ASE_OBJ.1-2 (ASE_OBJ.1-4) TOE 1 27

28 TOE O.ACCESS O.AUTHENTICATE TOE O.AUDIT TOE CC 1 TOE TOE ASE_OBJ.1-3 TOE IT IT OE.PASSWORD OE.EDUCATE OE.SROOM 28

29 TOE OE.USER TOE OS TOE CC TOE / TOE ASE_OBJ.1-2 TOE /TOE / TOE ASE_OBJ.1-3 ASE_OBJ.1-4 ASE_OBJ.1-5 ASE_OBJ

30 TOE TOE TOE ASE_OBJ.1-8 TOE TOE TOE TOE 30

31 T.Reuse ( IC IC ) O.Reuse 31

32 IT IT TOE CC TOE SOF-SOF- SOF- TOE CC a) PP ST TOE PP b) ST TOE CC EAL PP ST TOE 3 EAL c) ST TOE CC 2 d) ST 32

33 CC PP TOE TOE TOE IT CC IT CC ST CC TOE TOE CC IT TOE CC CC CC CC CC 2 ST IT 33

34 ASE_REQ.1-10 CC2 ASE_REQ.1-11 FTA_MCS.1 TOE ASE_REQ.1-12 a) b) 1 c) TOE ADV_SPM.1.2C TSP TSP TSP d) 1 TOE IT ASE_REQ.1-13 TOE TOE IT CC 34

35 IT ST CC (ASE_REQ.1-14 TOE FAU_GEN.1 FAU_GEN.1 FPT_STM.1 TOE FPT_STM.1ST IT ST IT ASE_REQ.1-25 TOE IT (ASE_REQ.1-26 TOE TOE TSF [AA][BB] aa bb 35

36 AA=aa, BB=bb TOE IT CC ST TOE TOE () CC (CC) TOE CC 2 ST PP ASE_REQ.1-1 CC2 TOE CC 2 PP TOE PP ASE_REQ TOE ASE_REQ.1-3 TOE AVA_SOF.1 TOE SOF- SOF-SOF-ASE_REQ.1-15 TOE TOE CC ST SOF CC TOE 36

37 TOE 1 TOE TOE TOE TOE SOF- SOF- TOE AVA_SOF.1 TOE ASE_REQ.1-16 SOF-SOF-SOF- CC 2 FDP_IFF.1.1 TSF [: SFP]: [ :] FDP_IFF.1.1 PP/ST (sensitivity) (clearance) ST 37

38 FAU_GEN.1 TOE FAU_STG FAU_SAR FAU_GEN.1 FPT_STM.1 TSF FMTFMT_REV.1 2 FPT_RVM.1(Non-bypassability of the TSP) FPT_SEP(Domain separation) FPT_PHP(TSF Physical Protection) FMT_MSA.1(Management of Security Attribute) FMT_MTD.1(Management of TSF data), FAU_STG.1(Protected Audit Trail Storage)FPT_AMT.1(Abstract machine testing) FTP_TRP(Trusted Path) TSF FAU_STG(Security Audit Event Storage) FMT_MOF.1(Management of Security Functions Behaviour) FDP_SDI(Stored Data Integrity),FPT_PHP(TSF Physical Protection) 38

39 FMTFMT_MSA TSF xx TSF xx TSF TSF TSF TSF FAU_GEN. FAU_GEN.1.1 c 39

40 FCS_CKM.1 TOE SSL FCS_CKM.4 (a) TSF FMT_REV.1 TSC ()2 ()( ) FDP TOE TSF 40

41 TOE a)tsp( ) b) ( ) c) TOE() 2(: )() TOETOE TSF TOETSF TSPTSFTOE TSF TOE TSPTSF TSF TOE TSF FDP_ACF.1.1 FDP_ACF.1.2FDP_ACF.1.1 FDP_ACF.1.1 TSF [: SFP SFP 41

42 SFP ] [: SFP] [: SFP SFP SFP ]: [: SFP]: JISEC IC OS DF DF : -2 : -3 : - -( TOE AVA_SOF.1 (EAL) TOE ( )TOE SOF-SOF- SOF- TOE 42

43 TOE SOF- TOE SOF- /SOF-/SOF- TOE TOE TOE (AVA_SOF.1) TOE TOE TOE TOE SOF-xx PP PP ST PP ST PP PP CC ST FMT_MSA.2 FMT_MSA.2.1 TSF ADV_SPM.1TOE FMT_MSA.2 TOETSP 43

44 FMT_MSA.2ADV_SPM.1CC FMT_MSA.2.1ADV_SPM.1 ST FMT_SMR.1 FMT_MOF,FMT_MSA,FMT_MTD TOE TOE CC EAL ST 3 EAL CC CC 3 TOE 44

45 EAL 3 ST PP ASE_REQ.1-4 CC 3 TOE CC 3 PP TOE PP ASE_REQ TOE ASE_REQ.1-6 TOE CC 3 EAL EAL ASE_REQ.1-7 EAL () TOE AVA_VLA.4 () AVA_CCA () ALC_DVS EALn CC TOE CC 45

46 EAL15 EAL EAL1 EAL2 EAL3 EAL4 EAL5 IT IT IT ASE_REQ.1-9 TOE TOE IT IT TOE IT FAU FIA TOE IT ITFPT_RCV.2 FPT_RCV.2 1 AGD_ADM.1 IT 46

47 IT IT IT TOE ST IT IT (TOE ) CC TOE IT EAL - ST TOE TOE ASE_REQ.1-8 EAL EAL EAL EAL 47

48 AVA_VLA.1 a) ST PP b) c) TOE d) TOE / e) EAL CC TOE AVA_SOF.1 TOE ASE_REQ.1-17 TOE TOE SOF- TOE TOE ASE_REQ.1-18 TOE TOE 1 TOE TOE IT ASE_REQ.1-19 IT 1 IT TOE TOE TOE ASE_REQ.1-20 TOE TOE 48

49 TOE TOE TOE TOE TOE IT IT IT ASE_REQ.1-21 IT IT IT IT IT IT IT IT ASE_REQ.1-22 IT ST IT ASE_REQ.1-23 IT ASE_REQ.1-18 ASE_REQ.1-19IT ASE_REQ.1-20 ASE_REQ.1-21 IT a) FPT_RVM.1 b) FPT_SEP 49

50 c) FMT_MOF.1 d) FAU ASE_REQ.1-14 EALEAL AVA_VLA.1 ST PP 50

51 TOE TOE / AVA SOF.1 TOE IT IT TOE FPT_RCV.1 AGD_ADM.1 ADV_SPM.1 IT 51

52 TOE TOE 52

53 TOE 53

54 O.Reuse (: TOE TOE ) FCS_CKM.1(1)FCS_CKM.1(2)FCS_CKM.2(1)FCS_CKM.2(2)FCS_CKM.4(1) FCS_CKM.4(2)FCS_COP.1(1)FCS_COP.1(2)FPT_RPL.1FPT_RVM.1FTP_ITC.1 TOE FCS_CKM.1(1)FCS_CKM.2(1) TOE FCS_CKM.1(2) FCS_CKM.2(2)FCS_COP.1(1) FCS_COP.1(2) TOE FCS_CKM.4(1) FCS_CKM.4(2) TOE FTP_ITC.1 FPT_RPL.1 IC FPT_RVM.1 54

55 55

56 TOE SOF- EAL4+AVA_VLA.3 56

57 TOE TOE TOE TOE TOE ADV_FSP CC TOE TOE ASE_TSS.1-1 IT TOE ASE_TSS.1-12 IT TOE ASE_TSS.1-14 TOE IT TOE TOE CC IT 1 TOE ASE_TSS IT ASE_TSS.1-3 IT TOE 57

58 ST TOE TOE IT IT ASE_TSS.1-4 ST SOF- ASE_TSS.1-6 TOE AVA_SOF.1 IT ASE_TSS.1-10 TOE AVA_SOF.1 IT SOF-SOF- SOF-ASE_TSS.1-11 IT TOE ST / (FCS_CKM.1) DES,RSA 58

59 TOE CC 1 TOE ASE_TSS.1-8 ASE_TSS.1-9 EAL4 CC EAL5 TOE TOE TOE CC TOE IT TOE TOE TOE IT TOE TOE ASE_TSS

60 IT TOE TOE IT TOE TOE IT IT TOE ASE_TSS.1-6 IT TOE TOE IT TOE PIN IT TOE TOE ASE_TSS.1-7 IT IT TOE TOE TOE ASE_TSS.1-9 TOE TOE TOE TOE 60

61 61

62 PP STTOEPP PPPPPP ASE_PPC.1-1CC PPST PP TOE ST TOE PP ST PP PP TOE PP ST PP TOE PP PP ST PP PP ST PP PP ST ST ST PP ST PP PP PP PP ST ST PP ST PP CC PP CC ST ST TOE PP ST PP PP IT PP ASE_PPC.1-4 PP PP 62

63 PP CC PP PP PP PP PP PP (ASE_PPC.1-1 PP TOE PP PP PPPPIT CC PP PP PP IT ASE_PPC.1-2 STST PP PP ST PP ST PP PP TOE CC PP PP IT IT ASE_PPC.1-3 ST PP PP 63

64 ST PP PP ST PP ST CC ST PP PP PP IT PP PP 64

CC v2.3 パート2: セキュリティ機能要件

CC v2.3 パート2: セキュリティ機能要件 2 : 2005 8 2.3 CCMB-2005-08-002 IPA まえがきはじめに本書は IT セキュリティ評価及び認証制度において認証機関が公開する評価基準の規格として公開している Common Criteria( 以下 CC という ) を翻訳した文書である注 :1. 原文の CC で記載してある段落番号については本書では段落番号が付与されていないこのため段落番号については