2006/6/ /9/1 2007/11/9 () 2011/4/ ( ()) ii

Size: px

Start display at page:

Download "2006/6/16 2006/9/1 2007/11/9 () 2011/4/21 2005 2006 3 (2005 12 ())2005 12 13 2011 4 21 2011 4 ii"

かおりはまもり
9 years ago
Views:

1 2011 4

2 2006/6/ /9/1 2007/11/9 () 2011/4/ ( ()) ii

3 1 2 A 3 B C IT NISD-K NISD-K iii

4 ST ST DM ST ST NISD-K NISD-K NISD-K C NISD-K C SBD: Security By Design iv

5 (CIO)2006 ( 18 )3 31 ISO/IEC 15408: 2005 Information technology Security techniques- Evaluation criteria for IT security -- Part1, 2, 3 ISO/IEC IT IPA ISO/IEC IPA IT v

6 A B C IT IT JISEC EAL vi

7 WEB vii

9 - [ 1] [] [] - [ 2] [] [] - [ 3] [] - [ 4] [] 1-1 2

11 ST ST ST ISO/IEC ST ST ST ST (1)(a)() ST ST ST ST

12 5 1-3

13 A 3 B

14 1 1 7

15 (2) (2)

16 2.2. A B A 9

18 CIO 11

19 1.1 N

20 WAN LAN WAN DMZ WAN DMZ 3 2 RAID5 13

21 WAN DMZ IP WAN DMZ WAN DMZ WAN DMZ DMZ WAN DMZ 14

22 15

23 16

24 1.1 Web Web 17

25 (2)

28 () 21

30 IT

31 JEITA3 IT-1002 WAN LAN -1 WAN LAN WAN LAN

33 No / -1 DB DB -2 26

35 ID IC SSL

36 鍵

37 IT CCRA (1)(f) (1)(b) C 3 EALISO/IEC CCRA C 30

38 3-1 No -1-1, (1)(a)-(b) (1)(c) (1)(f) -3-1, -4, (1)(c)- (f)() (1)(a) -2-2, (3)(a)-(e) (1)(a)-(i) (2)(a)-(c) (4)(a)-(e) (5)(a)-(c) 3-2 No -1-1, (1)(a)-(b) (1)(c) (1)(f) -3-1, -4, (1)(c)- (f)() (1)(a) -2-2, (3)(a)-(e) (1)(a)-( i), (2)(a)-(c) (4)(a)-(e) (5)(a)-(c) 31

39 32

40 3.3. IT ISO/IEC CCRA ISO/IEC (1)(d) IT (1)(b) IT IT ISO/IEC

41 3-3 / IC IC A a B b C c TOE Target Of Evaluation TOE TOE EAL ST TOE: Target Of Evaluation 7 CC 6. 34

43 ISO/IEC 15408:2005 Information Technology Security Techniques Evaluation Criteria for IT Security JEITA3 IT CCRA Web IT JISEC Web

44 IT ISO/IEC ISO/IEC TR15446 B OS 37

45 A B CIT 38

46 A ST ST ST ST ST 39 DM

47 ST ST (1)(a) IT (1)(f) 40 DM

48 B 41

49 IT ST ST ST ST ST ST 42

50 C IT 1. IT JISEC ISO/IEC Common Criteria Recognition ArrangementCCRA Certificate Authorizing ParticipantsCertificate Consuming Participants ISO/IEC EAL EALEvaluation Assurance Level EAL17 7 CCRA EAL4 43

51 3-1 EAL1 EAL2 EAL3 EAL4 ST EAL1, EAL2 EAL3 () ISO/IEC ISO/IEC EAL1EAL7 ISO/IEC EAL1EAL7 EAL EAL2+ 4. IT ST ST ST ST 44

52 5. OS DBMS 5.1. Operating System OS OS OS DAC: Discretionary Access ControlOS OS OS MACMandatory Access Control OS OS OS OS OS 45

53 5.2. LAN 2 OSIOpen Systems Interconnection 46

54 5.3. DBMS: Database Management System DBMS DBMS DBMS 47

55 48

56 6. CCRA ISO/IEC IT Web CCRA Web The official website of the Common Criteria Project CC Web CC IT / / / IC/ IC IC 鍵 OCSP 49

57 / IPSec VPN UNIXLinux OS OSPC / 6.1. ISO/IEC Web CC PP EAL PPProtection Profile ISO/IEC PP pdf STST pdf pdf 50

58 CC CC Web CC Web Consumers Developers Experts List of Evaluated Products Web Consumers Developers Experts List of CCRA Members 6.2. ST TOE ST 6 ST ST EAL 51

59 Web 52

60 Web Web Web Web - 1

61 Web PC Web Web Web 1.1 / 1.1-2

62 Web 1.2 Web 1.2 Web

63 1-1 Web DMZ IP Web Web Web 2 Web Web Web Web Web

64 1-2 Web LAN Web LAN Web Web - 5

65 Web Web 1-3 Web 1-3 Web Web Web Web 1-4 FAX Web Web Web - 6

66 Web Web Web Web Web Web Web Web Web Web Web Web Web Web - 7

67 Web Web 1.3 Web - 8

68 Web 1-5 Web Web Web Web Web Web Web Web Web Web - 9

69 Web Web Web Web Web Web Web Web - 10

70 1.2. (NISD-K NISD-K Web

71 Web Web Web Web Web Web (1)(b) - 12

72 2 2 1 Web Web Web Web Web - 13

73 3 2 1 Web - 14

74 1.3. Web Web JEITA3 IT / Web

75 / Web Web / Web - 16

76 1.4. Web / -1 / -2 Web Web - 17

77 / -3 Web Web / -4 Web Web - 18

78 / -5 Web Web Web Web -2 Web Web / -6 Web Web HTML Web Web - 19

79 / -7 DoS Web / -8 Web Web - 20

80 2. Web IT 2.1 IT Web - 21

81 Web -1 Web ID Web Web Web Web ID IC -2 Web SSL/TLS Web Web -6 SSL/TLS SSL/TLS - 22

82 -3 Web OS Web Web OS Web 5-4 Web Web - 23

83 -5 Web SSL/TLS Web Web 鍵 Web 鍵鍵 Web IP-VPN SSL/TLS / -6 Web Web Web Web - 24

84 -7 Web Web Web -8 Web Web Web -1 Web Web Web - 25

85 Web -1 Web -2 Web Web -3 Web - 26

86 -4 Web Web -6 Web Web - 27

87 -8 Web Web Web Web Web Web - 28

88 -11 Web Web

89 ,4, (1)(a) -.(f)() ,4,5-1, (1)(a) -4-3,4,5,7, (1)(a)- (c) (1)(a) (1)(c) (1)(a) -7-3,7-8 -2,3,4,5, (1)(a) (1)(a)-(i), -1 (2)(a)-(d) ,3,4,5, (1)(a) (2)(b) -4-3,4,5-1, (1)(a) -5-3,4,5,7, (2)(a), (b) -7-3, (1)(a)(), () (1)(a) -(g) (1)(b)-(d) (1)(a)-(g),(2)(a), (2)(e)

90 2.2. IT 3.3 C IT Web - 31

91 - 1

93 - Web DB -3

94 Web IDS WWW DB AP RA -4

95 IP IDS WWW DB AP RA CA CA 鍵 CRL 鍵 CA -5

97 -7

99 Web 鍵鍵

100

101

102 No ()-T1 ()-T2 ()-T3 ()-T4 ()-T5 ()-T6 Web -12

103 -13 Web ()-T7 ()-T8 ()-T9 ()-T10 ()-T11 ()-T12 ()-T13 ()-T14 ()-T11,T12,T13,T14 ( )-T11,T12,T13,T14

104 No ()-T1 ()-T2 ()-T3 ()-T4 ()-T5 ()-T6 ()-T7 ()-T8 ( )-T5,T6,T7,T8 ( )-T5,T6,T7,T8-14

105 2. IT 2.1 IT

106 No ID ID SSL IDC VPN -16

107 No UPS BIOS No

108

109 (NISD-K NISD-K No -1 ()-T1 ()-T3 ()-T8-2 ()-T4 ()-T5-3 ()-T6 ()-T7 ()-T (1)(a) (1)(c) (1)(a)() (1)(b)-(f) (1)(a) (1)(a)-(b) (1)(a)- (c) (1)(a)-(c),(2)(a) (1)(a)- (b) (2)(a)-(c) (1)(a)-(c) -1-2 ()-T5 ()-T7 ()-T10 ()-T (1)(a)- (c) -4 ()-T7 ()-T ()-T (1)(f) ()-T9-6 ()-T (1)(a), () T11T (1)(a)- (j),(2)(a)-(d) (2)(a)-(c) (2)(a)- (b) (2)(a) (1)(a)()- (b) (1)(a)-(d),(2)(a)-(b) -3 ()-T (2)(b)-(c)

110 -4 ()-T1 ()-T (1)(a)(),() (1)(a)- (g) No -1 ()-T (1)(a) (1)(c) (1)(d)-(f) (1)(a) (1)(a)-(b) -2 ()-T (1)(a)-(c) -3 ()-T3 ()-T4-4 ()-T3 ()-T (1)(a)-(c),(2)(a) (1)(a)-(c) (1)(a)-(c) (1)(f) -6 ()-T (1)(a),(a) () (2)(a)-(c) (1)(a)-(c) -1-2 ()-T2 ()-T3 ()-T (1)(a)- (j),(2)(a)-(d) (2)(a)-(c) (2)(a)- (b) (2)(a) (1)(a)()- (b) (1)(a)-(d),(2)(a)-(b) -3 ()-T (2)(b)-(c) -4 ()-T (1)(a)(),()4.2.1(2)(b)-(g) -5-20

111 -21

112 2.2. IT 3.3 C IT TCP/IP IP -22

113 (IP ) IP SNMP IP c) - -23

114 -24

115 - 1 DM6-07-1

116 PC DM6-07-1

117 (1) (1) (n) (n) () LAN IP LAN - 3 DM6-07-1

118 DM6-07-1

119 DM6-07-1

120 / (NISD-K NISD-K / WAN LAN / - 6 DM6-07-1

121 1.4. / DM6-07-1

122 2. IT 2.1 IT DM6-07-1

123 DM6-07-1

124 IT (1)(a) (2)(a)-(b) IT - 10 DM6-07-1

125 3.3 C IT IT IT - 11 DM6-07-1

内閣官房情報セキュリティセンター（NISC）

内閣官房情報セキュリティセンター（NISC） ( ) ...1 1.1.1...1 (1)..1 (2)...1 (3)...1 1.1.2...2 (1)...2 (2)...2 (3)...2 (4)...3 (5)...3 (6)...3 1.1.3...4...10 2.1...10 2.1.1...10...10...10 (1)...10 (2)... 11 (3)... 11 (4)...12 (5)...13 (6)...13