Publication


Featured research published by Andrzej Bialas.


Sensors | 2011

Common criteria related security design patterns for intelligent sensors--knowledge engineering-based implementation.

Andrzej Bialas

Intelligent sensors experience security problems very similar to those inherent to other kinds of IT products or systems. The assurance for these products or systems creation methodologies, like Common Criteria (ISO/IEC 15408) can be used to improve the robustness of the sensor systems in high risk environments. The paper presents the background and results of the previous research on patterns-based security specifications and introduces a new ontological approach. The elaborated ontology and knowledge base were validated on the IT security development process dealing with the sensor example. The contribution of the paper concerns the application of the knowledge engineering methodology to the previously developed Common Criteria compliant and pattern-based method for intelligent sensor security development. The issue presented in the paper has a broader significance in terms that it can solve information security problems in many application domains.


International Conference on Dependability of Computer Systems | 2009

Ontology-Based Security Problem Definition and Solution for the Common Criteria Compliant Development Process

Andrzej Bialas

The paper shows how to apply a new ontology-based approach to the security problem definition (SPD), which is the key stage of the IT security development process compliant with the ISO/IEC 15408 Common Criteria standard. The SPD specifies threats, security policies and assumptions concerning the developed target of evaluation (TOE). On the SPD basis the security objectives (SO) are elaborated expressing the SPD problem solution, being the basis for further implementation works. The paper presents shortly the Specification Means Ontology (SMO), the related knowledge base and their use by the IT security developers while the security problem is formulated and solved. The paper gives some examples concerning a simple firewall, summarizes the results and experiences, and defines the plans of future works.


International Conference on Dependability of Computer Systems | 2007

Semiformal Approach to the IT Security Development

Andrzej Bialas

The paper concludes the author's works on the IT security development framework compliant with the Common Criteria standard. Two basic issues were solved to make this development easier and more effective: the entire development process was better formalized using the UML/OCL approach, and the set of specification means was extended (by defining enhanced generics) thus now the set covers all development stages and is more precise. Moreover, the set of relationships between specification elements was predefined to help developers solve typical security issues. The computer-aided tool, implementing this methodology, has the following elements built in: the simple risk analysis tool, design self-evaluator, reporting and documentation management facilities. The paper presents the volume of works, gives some examples, summarizes the results and gained experiences, and defines the plans of future works.


Sensors | 2010

Common Criteria Related Security Design Patterns—Validation on the Intelligent Sensor Example Designed for Mine Environment

Andrzej Bialas

The paper discusses the security issues of intelligent sensors that are able to measure and process data and communicate with other information technology (IT) devices or systems. Such sensors are often used in high risk applications. To improve their robustness, the sensor systems should be developed in a restricted way to provide them with assurance. One of assurance creation methodologies is Common Criteria (ISO/IEC 15408), used for IT products and systems. The contribution of the paper is a Common Criteria compliant and pattern-based method for the intelligent sensors security development. The paper concisely presents this method and its evaluation for the sensor detecting methane in a mine, focusing on the security problem of the intelligent sensor definition and solution. The aim of the validation is to evaluate and improve the introduced method.


Sensors | 2010

Intelligent Sensors Security

Andrzej Bialas

The paper is focused on the security issues of sensors provided with processors and software and used for high-risk applications. Common IT related threats may cause serious consequences for sensor system users. To improve their robustness, sensor systems should be developed in a restricted way that would provide them with assurance. One assurance creation methodology is Common Criteria (ISO/IEC 15408) used for IT products and systems. The paper begins with a primer on the Common Criteria, and then a general security model of the intelligent sensor as an IT product is discussed. The paper presents how the security problem of the intelligent sensor is defined and solved. The contribution of the paper is to provide Common Criteria (CC) related security design patterns and to improve the effectiveness of the sensor development process.


Archive | 2011

Patterns Improving the Common Criteria Compliant IT Security Development Process

Andrzej Bialas

The chapter concerns the project of the methodology used to create and manage development environments of IT security-enhanced products and systems for the purposes of their future Common Criteria certification. The key issues of the patterns-based project are discussed: how to develop the set of patterns for different kinds of evidences to be delivered with the IT product or system for independent evaluation. The author characterizes the IT security development process and the elaborated evidences, and presents analyses provided to develop such patterns. The patterns usage is shown by a few examples which are part of a more complex case study. Such patterns facilitate and speed up the IT security development process, improve the quality of evaluation evidences, as they are more consistent and include all details required by the considered assurance components, facilitate the computer support of the IT security development process. The chapter concludes the methodology with respect to the achieved and planned project results.


DepCoS-RELCOMEX | 2013

Risk Assessment Aspects in Mastering the Value Function of Security Measures

Andrzej Bialas

The chapter presents the risk management approach applied in the EC FP7 ValueSec project. The security measures selection process is based on three pillars: Risk Reduction Assessment (RRA), Cost-Benefit-Analysis (CBA) and Qualitative Criteria Assessment (QCA). The ValueSec tool set, which is elaborated in the project, should be equipped with components corresponding to these pillars. The chapter overviews the research of the project focused on the decision model elaboration and selection of existing methods to be implemented, or existing tools to be integrated in the ValueSec framework. Risk management is a broad issue, especially in five of the project assumed contexts. For this reason more specialized components are allowed for the RRA pillar. Currently the project passes to the implementation and use case experimentation phase. The chapter shows the general architecture, currently implemented and the RRA component example.


Federated Conference on Computer Science and Information Systems | 2015

Experimentation tool for critical infrastructures risk management

Andrzej Bialas

The paper concerns a risk assessment and management methodology in critical infrastructures. The research objective is to adapt a ready-made risk manager, supporting information security- and business continuity management systems, to a new domain of application - critical infrastructure protection. First, a review of security issues in critical infrastructures was performed, with special focus on risk management. On this basis the assumptions were discussed how to adapt the OSCAD risk manager designed for the information security/business continuity applications. According to these assumptions, the OSCAD risk manager was adapted to its new domain of application, i.e. critical infrastructures. The aim of this work is to assess the usefulness of such a solution and to elaborate requirements for the advanced critical infrastructure risk manager to be developed from scratch.


Archive | 2012

Computer Support in Business Continuity and Information Security Management

Andrzej Bialas

The chapter features the concept of joint implementation of two widely used standards, BS 25999 concerning business continuity and ISO/IEC 27001 – information security, within one integrated management system. Business continuity is understood as a strategic ability of an organization to react to incidents and disturbances in its business functioning and to mitigate losses in case these harmful factors occur. Information security, in turn, is related to the protection of information integrity, availability and confidentiality. The chapter presents the assumptions and recently achieved results of a specific targeted project whose objective is to develop a computer-supported management system for organizations which set a lot of store by the continuity of business processes and information security. The works on the system model were summarized, including a feasibility study concerning different aspects of software which is developed on the basis of these models.


Working Conference on Integrity and Internal Control in Information Systems | 2004

A UML Approach in the ISMS Implementation

Andrzej Bialas

The paper deals with the modelling of the Information Security Management System (ISMS). The ISMS, based on the PDCA (Plan-Do-Check-Act) model, was defined in the BS7799-2:2002 standard. The general model of the ISMS was presented. The paper focuses on the Plan stage elaboration only, based on the previously identified ISMS business environment. The UML approach makes it possible to achieve more consistent and efficient implementations of the ISMS, supported by the computer tools. The paper shows the possibility of the UML use in the information security domain.
