This document presents a technical analysis of available assurance techniques proposed by the Common Criteria v3.1 (CC3.1) from Evaluation Assurance Level (EAL) 5 to EAL 7 to examine their applicability to a feasible transnational CC certification.
The conditions to international recognition of issued CC certificates are studied and several differentials are done showing what the prerequisites in terms of Security Assurance Requirements (SARs) are at EAL 5, 6 and 7 based on information available in CC3.1 and the Common Methodology for Information Technology Security Evaluation (CEM v3.1). EAL 5 evaluation is doable based on the CEM, EAL 6 evaluation requires the use of additional guidance and the gap to perform an EAL 7 evaluation is identified.
Finally a review of known evaluations at EAL 6 and 7 is done for resource management, for existing separation kernels/hypervisors compiled from published protection profiles, security targets or relevant publications.
Fox Crypto, Fort Fox Hardware Data Diode: Security Target Common Criteria FFHDD - EAL7+, 2010, http://www.commoncriteriaportal.org/files/epfiles/Fox%2520DataDiode%2520Security%2520Target%2520EAL7%2520(v2.04).pdf.
General-Purpose Operating System Protection Profile, v3.9, September 2012 draft
Mutual Recognition Agreement of Information Technology Security Evaluation Certificates, v3.0, January 2010 [Note 12] Note d'application, réf. 12.1, Modélisation formelle des politiques de sécurité d'une cible d'évaluation, March 2008
Operating System Protection Profile, 2010, v2.0, BSI-CC-PP-0067
Security Target for PikeOS, v0.24, June 2013
Tenix Datagate Inc, Interactive link data diode device: Common Criteria security target, no. 9126P01000001, August, 2005, http://www.commoncriteriaportal.org/files/epfiles/st_vid9512-st.pdf.
U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness. No. Version 1.03, National Security Agency, June 2007.
Wind River VxWork MILS Platform, PO_VE_MILS_Platform.pdf, Rev 08/2010, www.windriver.com