Security system design supporting method
First Claim
1. A security system design supporting method, implemented in a security system design supporting tool including a processor which conducts processings on data stored in memory, for supporting designing of security requirements or security specifications based on an international security evaluation criteria during planning/designing of an information-related product or an information system, said method comprising the steps of:
providing, in the memory, a template case database for storing protection profiles (PPs) that have been internationally registered or PPs or STs (security targets) that have been generated, and that have not been internationally registered, in a class-tree structure based on an inheritance relation between types of products or systems as a target of evaluation (TOE) of said PPs or STs;
specifying, to the processor, the PPs or STs related to the TOE by designating elements included in the products or systems, type and evaluation assurance level of the TOE, and retrieving a relevant class-tree structure from said database;
generating, by the processor, a PP or ST draft of the TOE by integrally editing contents of a definition of the specified PPs or STs, wherein as to the generated PP/ST draft of the TOE, if the registered PPs or STs or local PP matches PPs or STs retrieved from the database, the retrieved PPs or STs are used, and if there are no matches, high-order PPs or STs among the generated PPs or STs are retrieved based on an inheritance relation to thereby partially add and correct the PPs or STs;
generating a rationale matrix indicating in a matrix table each correspondence between security environments, security objectives, security requirements and summary specification as a part of the contents of a PP or ST definition from the security environment, the security objectives, the security requirements and the summary specification or the correspondence between them; and
verifying the presence or absence of the definition information lacking the correspondence using said rationale matrix generated.
Abstract
A security system design supporting tool and method are disclosed, in which security requirements (PP) and security specifications (ST) used for designing a product or a system (TOE) based on CC requirements can be prepared efficiently and uniformly even by ordinary designers other than specialists. In the security system design supporting method, registered PPs and past PP/ST generation cases are structured so that they can be reused and/or referenced as templates, a draft is automatically generated, and the generated draft is then additionally modified or corrected by partial automatic generation that utilizes a database of past generation cases and partial cases accumulated in the generation process.
Citations
3 Claims
1. A security system design supporting method, implemented in a security system design supporting tool including a processor which conducts processings on data stored in memory, for supporting designing of security requirements or security specifications based on an international security evaluation criteria during planning/designing of an information-related product or an information system, said method comprising the steps of:
providing, in the memory, a template case database for storing protection profiles (PPs) that have been internationally registered or PPs or STs (security targets) that have been generated, and that have not been internationally registered, in a class-tree structure based on an inheritance relation between types of products or systems as a target of evaluation (TOE) of said PPs or STs;
specifying, to the processor, the PPs or STs related to the TOE by designating elements included in the products or systems, type and evaluation assurance level of the TOE, and retrieving a relevant class-tree structure from said database;
generating, by the processor, a PP or ST draft of the TOE by integrally editing contents of a definition of the specified PPs or STs, wherein as to the generated PP/ST draft of the TOE, if the registered PPs or STs or local PP matches PPs or STs retrieved from the database, the retrieved PPs or STs are used, and if there are no matches, high-order PPs or STs among the generated PPs or STs are retrieved based on an inheritance relation to thereby partially add and correct the PPs or STs;
generating a rationale matrix indicating in a matrix table each correspondence between security environments, security objectives, security requirements and summary specification as a part of the contents of a PP or ST definition from the security environment, the security objectives, the security requirements and the summary specification or the correspondence between them; and
verifying the presence or absence of the definition information lacking the correspondence using said rationale matrix generated.
2. A security system design supporting method, implemented in a security system design supporting tool including a processor which conducts processings on data stored in memory, for supporting designing of security requirements or security specifications based on an international security evaluation criteria during planning/designing of an information-related product or an information system, said method comprising the steps of:
providing, in the memory, a template case database for storing protection profiles (PPs) that have been internationally registered or PPs or STs (security targets) that have been generated, and that have not been internationally registered, in a class-tree structure based on an inheritance relation between types of products or systems as a target of evaluation (TOE) of said PPs or STs;
specifying, to the processor, the PPs or STs related to the TOE by designating elements included in the products or systems, type and evaluation assurance level of the TOE, and retrieving a relevant class-tree structure from said database;
generating, by the processor, a PP or ST draft of the TOE by integrally editing contents of a definition of the specified PPs or STs, wherein as to the generated PP/ST draft of the TOE, if the registered PPs or STs or local PP matches PPs or STs retrieved from the database, the retrieved PPs or STs are used, and if there are no matches, high-order PPs or STs among the generated PPs or STs are retrieved based on an inheritance relation to thereby partially add and correct the PPs or STs, wherein if the high-order PP among the generated PPs is not successful to match, the generated PP draft is registered in a local PP/ST tree structured database;
generating a rationale matrix indicating in a matrix table each correspondence between security environments, security objectives, security requirements and summary specification as a part of the contents of the PPs or STs definition from the security environment, the security objectives, the security requirements and the summary specification or the correspondence between them; and
verifying the presence or absence of the definition information lacking the correspondence using said rationale matrix generated.
3. A security system design supporting method, implemented in a security system design supporting tool including a processor which conducts processings on data stored in memory, for supporting designing of security requirements or security specifications based on an international security evaluation criteria during planning/designing of an information-related product or an information system, said method comprising the steps of:
providing, in the memory, a template case database for storing protection profiles (PPs) that have been internationally registered or PPs or STs (security targets) that have been generated, and that have not been internationally registered, in a class-tree structure based on an inheritance relation between types of products or systems as a target of evaluation (TOE) of said PPs or STs;
specifying, to the processor, the PPs or STs related to the TOE by designating elements included in the products or systems, type and evaluation assurance level of the TOE, and retrieving a relevant class-tree structure from said database;
generating, by the processor, a PP or ST draft of the TOE by integrally editing contents of a definition of the specified PPs or STs, wherein as to the generated PP/ST draft of the TOE, if the registered PPs or STs or local PP matches PPs or STs retrieved from the database, the retrieved PPs or STs are used, and if there are no matches, high-order PPs or STs among the generated PPs or STs are retrieved based on an inheritance relation to thereby partially add and correct the PPs or STs;
indicating the PPs or STs stored in the template case database as icons by which the constituting elements, type and the evaluation assurance level can be identified;
specifying the PPs or STs related to the TOE from the inheritance tree based on reference PP or ST cases of the inheritance between the PPs or STs expressed in a tree;
producing a structure diagram of the TOE using the icons of said specified PPs or STs as constituting elements;
generating a rationale matrix indicating in a matrix table each correspondence between security environments, security objectives, security requirements and summary specification as a part of the contents of the PP or ST definition from the security environment, the security objectives, the security requirements and the summary specification or the correspondence between them; and
verifying the presence or absence of the definition information lacking the correspondence using said rationale matrix generated.
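The claims above describe a pipeline: a class-tree template database, retrieval of an exact or higher-order PP/ST case, draft generation by editing the retrieved definition, and a rationale matrix whose empty rows or columns reveal definition information that lacks a correspondence. The following Python is an added illustration written for this page; it is not code from the patent or from any product it describes. All class and function names (TemplateCase, TemplateCaseDB, retrieve, draft_from, rationale_matrix, rationale_gaps), the sample TOE types and the rule that a higher-order case is only accepted when its EAL is at least the requested one are assumptions made for the example; the FAU/FDP labels are Common Criteria component names used purely as illustrative strings.

```python
from __future__ import annotations
from copy import deepcopy
from dataclasses import dataclass
from typing import Optional


@dataclass
class TemplateCase:
    """One PP/ST entry in the template case database (constructed model)."""
    toe_type: str                          # TOE type, the key in the class tree
    eal: int                               # evaluation assurance level
    parent: Optional[str]                  # higher-order TOE type it inherits from
    environment: list[str]                 # security environment items (threats etc.)
    objectives: dict[str, list[str]]       # objective -> environment items it addresses
    requirements: dict[str, list[str]]     # requirement -> objectives it satisfies
    summary_spec: dict[str, list[str]]     # summary-spec element -> requirements it implements


class TemplateCaseDB:
    """Class-tree structured database: each case names its parent type."""

    def __init__(self) -> None:
        self.cases: dict[str, TemplateCase] = {}

    def register(self, case: TemplateCase) -> None:
        self.cases[case.toe_type] = case

    def retrieve(self, toe_type: str, eal: int,
                 declared_parent: Optional[str] = None) -> tuple[Optional[TemplateCase], bool]:
        """Exact (type, EAL) match if one exists; otherwise climb the inheritance
        chain and return the nearest higher-order case whose EAL is at least the
        requested one (assumed convention). A type not yet in the database names
        the type it derives from. Returns (case, exact_match)."""
        node = self.cases.get(toe_type)
        if node is not None and node.eal == eal:
            return node, True
        ancestor = node.parent if node is not None else declared_parent
        while ancestor is not None:
            anc = self.cases.get(ancestor)
            if anc is None:
                break
            if anc.eal >= eal:
                return anc, False
            ancestor = anc.parent
        return None, False


def draft_from(template: TemplateCase, toe_type: str, eal: int) -> TemplateCase:
    """Generate a PP/ST draft: copy the template definition and record the
    inheritance; the designer then partially adds to and corrects the copy."""
    draft = deepcopy(template)
    draft.toe_type, draft.eal, draft.parent = toe_type, eal, template.toe_type
    return draft


def rationale_matrix(rows: list[str], columns: dict[str, list[str]]) -> dict[str, dict[str, bool]]:
    """Matrix table: rows x columns, True where the column item covers the row item."""
    return {r: {c: r in covered for c, covered in columns.items()} for r in rows}


def rationale_gaps(case: TemplateCase) -> dict[str, list[str]]:
    """Verify the rationale: each item of one layer must correspond to at least
    one item of the adjacent layer, in both directions. Returns uncovered items."""
    layers = [
        ("environment", list(case.environment), "objectives", case.objectives),
        ("objectives", list(case.objectives), "requirements", case.requirements),
        ("requirements", list(case.requirements), "summary_spec", case.summary_spec),
    ]
    gaps: dict[str, list[str]] = {}
    for lower, lower_items, upper, upper_map in layers:
        matrix = rationale_matrix(lower_items, upper_map)
        gaps[f"{lower}_without_{upper}"] = [r for r in lower_items if not any(matrix[r].values())]
        gaps[f"{upper}_without_{lower}"] = [c for c, refs in upper_map.items()
                                            if not any(ref in lower_items for ref in refs)]
    return gaps


# Constructed sample cases for the class tree: firewall inherits from network_device.
NETWORK_DEVICE = TemplateCase(
    toe_type="network_device", eal=2, parent=None,
    environment=["T.AUDIT_LOSS"],
    objectives={"O.AUDIT": ["T.AUDIT_LOSS"]},
    requirements={"FAU_GEN.1": ["O.AUDIT"]},
    summary_spec={"TSS.LOG": ["FAU_GEN.1"]},
)
FIREWALL = TemplateCase(
    toe_type="firewall", eal=4, parent="network_device",
    environment=["T.UNAUTH_ACCESS", "T.AUDIT_LOSS"],
    objectives={"O.ACCESS_CONTROL": ["T.UNAUTH_ACCESS"], "O.AUDIT": ["T.AUDIT_LOSS"]},
    requirements={"FDP_IFC.1": ["O.ACCESS_CONTROL"], "FAU_GEN.1": ["O.AUDIT"]},
    summary_spec={"TSS.FILTER": ["FDP_IFC.1"], "TSS.LOG": ["FAU_GEN.1"]},
)


def build_db() -> TemplateCaseDB:
    db = TemplateCaseDB()
    db.register(NETWORK_DEVICE)
    db.register(FIREWALL)
    return db


def demo() -> tuple[str, bool, dict[str, list[str]]]:
    """No exact case exists for a new 'vpn_gateway' type at EAL 3, so the
    higher-order 'firewall' case is retrieved and a draft generated from it; the
    designer adds a threat with no objective, and the rationale check reports it."""
    db = build_db()
    template, exact = db.retrieve("vpn_gateway", 3, declared_parent="firewall")
    assert template is not None
    draft = draft_from(template, "vpn_gateway", 3)
    draft.environment.append("T.KEY_DISCLOSURE")  # added threat, not yet countered
    return template.toe_type, exact, rationale_gaps(draft)


if __name__ == "__main__":
    print(demo())
```

The check runs in both directions on purpose: an environment item with an all-false row is a threat nobody counters, while an objective, requirement or summary-spec element whose references point at nothing is definition text that was carried over from the template but no longer belongs to this TOE; both are the "definition information lacking the correspondence" the verifying step is meant to surface before the draft leaves the designer.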
Specification