Our goal in writing this guide is to provide you with the information you need,
whether you intend to use the he CC Profiling Knowledge Base (hereafter
referred to simply as the knowledge base) as is, add more security information
to it, or evolve its underlying functionality as well. Consequently, we have
attempted to communicate not only the knowledge base content and structure,
but the pragmatic decision making that went into developing the knowledge base
as well. Early sections are of a tutorial nature, while later sections
are intended as a reference for use in evolving the knowledge base.
The knowledge base was built for the CC ToolBox, a software product that supports the creation of CC Protection Profiles (PPs) and Security Targets (STs). The knowledge base is thus designed to hold the kinds of information needed for writing PPs and STs, and for tracking logical relationships among these various kinds of information. Its design was influenced both by CC ToolBox requirements and by Common Criteria (CC) requirements for PPs.
The CC ToolBox uses the knowledge base to interview PP/ST authors with regard to threats, policies, assumptions, objectives, and safeguards expressed as applications of CC components. In the future, additional information of this sort may be added to the knowledge base to better support the CC Toolbox. In addition, the design of the knowledge base may evolve to handle new uses, for example, studying the relationship between threats and vulnerabilities.
Our goals in developing the knowledge base were not only to provide the security information that will be useful in writing PPs, STs, and similar security specifications, but to structure the appropriate relationships between the various data types in a cohesive and understandable manner.
The knowledge base builds on the Common Criteria Version 2.1 (ISO 15408). The main portion of the knowledge base is structured roughly along the lines of PP Sections. Figure 1-1 shows the typical PP structure, along with relevant knowledge base tables in dark red Italics. As can be seen from the figure, the knowledge base provides direct support for environment statements, security objectives, IT security requirements, and PP rationale.
The knowledge base tables include embedded guidance to help
you determine the relevance of security information in particular
environments. They also contain fragmentary security
analyses that can be used for some of the rationale in a PP or
ST. In addition, the knowledge base contains mapping tables
that show the logical relationships among the various abstraction
levels (e.g., environment statements to security objectives,
security objectives to IT security requirements).
Figure 1-1. Protection Profile Content
Some parts of the knowledge base were built primarily to support the CC ToolBox and are not directly tied to the CC. The Prompts and Attributes tables are the primary examples of such parts (see Sections 4.3 and 4.4).
Further details on how the knowledge base makes use of the CC may be found
below in Section 4.5.
Upon opening the knowledge base, your initial view will be that of the Main Menu pictured in Figure 1-2. However, the full MS Access 97 user interface is immediately available (just click on the MS Access Window menu and select the database file name, e.g., CC PKB : Database).
Environment statements (as defined in [CC, Part 1, Annex B.2.4] and discussed in detail below in Section 4.1) provide a logical starting point for developing Protection Profiles. The Prompts button on the Main Menu provides access to an interview-based overview of all environment statements. These environment statements may be viewed in more detail by pressing the Threat Categories, Policy Categories, Assumption Categories, General Threat, and General Policy Statement, and General Assumptions buttons. The treatment of Assumptions in this knowledge base is less well developed than that of Threats and Policies.
Figure 1-2. Main Knowledge Base Menu
In a PP, environment statements are addressed via Security Objectives, which are then implemented via Component Requirements. The best reference for components is the CC itself. Consequently, the CC allows for the introduction of new components within PPs and STs, and the knowledge base allows new components to be introduced and organized in the same way as in the CC. Click on any of the buttons in the CC Extensions box to see how this works.
Links from categories to environment statements, down to Security Objectives, and finally to CC Components are provided by Mapping tables. You can access these by pressing the appropriate Links buttons. For example, to see the mappings from General Threats to Security Objectives, press the Links button physically to the left of and almost between the buttons for these two tables. These mapping links allow you to investigate possible refinements of, and responses to, the environment statements you select for inclusion in a PP.
The Abbreviations button provides
an online version of Appendix B of this Guide.
The About button provides some reference
information found in the final References section of this User Guide.
Domain Knowledge Observation Reports (DKORs) are described in Section 4.6.1 and Appendix A.4.3. The
Close button just closes the Main Menu.
Finally, once you have developed your own extensions of the knowledge base, the HTML button provides a means for efficiently producing your own knowledge base reports in HTML, and the CCT button provides a way to port your knowledge base to the CC Toolbox for use in building PPs and STs. These last two topics are discussed in Section 3.2 and Section 5.2, respectively.
This section explains some of the issues that are of concern for anyone who uses the knowledge base.
This document is organized into five sections and four supporting appendices. The structure is designed to support use, both as a text on the knowledge base and as a reference manual for looking things up.
Section 2 presents requirements for running the knowledge base and suggestions on protecting the knowledge base during use.
Sections 3 and 4 explain knowledge base navigation and attempt to give the reader a good understanding of the knowledge base semantics.
Section 5 describes the CC ToolBox use of the knowledge base in detail and shows how to transport new knowledge bases to the CC Toolbox. It includes explanation of a table-dumping interface that could potentially be used to interface with other applications.
Appendix A provides a deeper understanding of the knowledge base semantics by presenting the techniques used to maintain knowledge base integrity. It also provides documentation on the supporting software modules.
Appendix B is a list of acronyms and abbreviations used in the knowledge base.
Appendix C is a Glossary of security terms used in the knowledge base, along with additional database terms used in this Guide.
Appendix D is a list of references.
In discussing forms and menus, this Guide generally uses the same font as the knowledge base. In particular, a San Serif font is used in the following cases:
In both the database and the User Guide, titles are dark red. For those who are viewing the User Guide online, unvisited hyperlinks are in blue.
We welcome your feedback, although we do not currently have plans to maintain the knowledge base. You may contact us by sending e-mail to email@example.com.