Trusted Computer Base
Security Modes (MAC)
Reference Monitor: Kernel mediates all access between subjects and objects
Layering: Modular tiers
Abstraction: Implementation details hidden from the user
Security Domain: Group of subjects and objects with similar security requirements
Covert Channel: Any communication that violates security policy.
Covert Storage Channel
Covert Timing channel
Race Conditions (TOCTOU)
Take-Grant: Directed graphs. State transitions.
Bell-LaPadula: Confidentiality. First mathematical model.
Biba: Integrity. Lattice based.
Clark-Wilson: Integrity. Access to objects only through programs.
Information Flow Model:
Brewer and Nash: Chinese Wall model.
TCSEC (Orange Book): Trusted Computer System Evaluation Criteria
D: Minimal protection
C: Discretionary Protection
C1: Discretionary Security Protection
C2: Controlled Access Protection
B: Mandatory Protection
B1: Labeled Security Protection
B2: Structured Protection
B3: Security Domains
A: Verified Protection
A1: Verified Design
ITSEC: Information Technology Security Evaluation Criteria
Common Criteria (ISO 15408):
EAL1: Functionally tested
EAL2: Structurally tested
EAL3: Methodically tested
EAL4: Methodically designed, tested and reviewed
EAL5: Semi-formally designed and tested
EAL6: Semi-formally verified, designed and tested
EAL7: Formally verified, designed and tested
ST: Security Target
TOE: Target Of Evaluation
PP: Protection Profile