User Guide

Profiling Assumptions, Threats, and Policies
Through Objectives to Requirements

Version 1.0i,  March 2000


Table of Contents

1. Background

1.1 Knowledge Base Overview
1.2 Relationship to the Common Criteria
1.3 Initial Use of the Knowledge Base
1.4 Cautions, Caveats, and Scope of the Effort
1.5 Document Overview/Organization
1.6 Typographical Conventions
1.7 Contacting the Authors

2. Configuration and Initial Operation

2.1 Hardware
2.2 Operating System
2.3 Software
2.4 Setting up the Knowledge Base for Initial Operation
2.5 Suggestions on Knowledge Base Development

3. Knowledge Base Overview

3.1 Forms
3.2 Reports
3.3 Queries

4. Knowledge Base Details

4.1 Simple Tables
4.2 Mapping Tables
4.3 The Prompts Table and Form
4.4 The Attributes Table
4.5 CC-Related Tables
4.6 Support Tables

5. ToolBox Use of the Knowledge Base

5.1 How the CC ToolBox Uses the Knowledge Base
5.2 Porting the Knowledge Base to the CC ToolBox

Appendix A. Knowledge Base Integrity

A.1 Enforcing Referential Integrity via Access
A.2 Propagating References That May Point to Several Different Tables
A.3 Integrity Checks for Mapping Tables
A.4 Integrity for Attributes, Prompts, and DKORs
A.5 Software Support Modules

Appendix B. Acronyms and Abbreviations
Appendix C. Glossary
Appendix D. References


The Common Criteria (CC) Profiling Knowledge Base was a joint effort by NSA, The MITRE Corporation, Mitretek Systems, and Sparta, Inc.  The principal authors for this User Guide are Jim Williams and Allen Basey of The MITRE Corporation, John Boone of Mitretek Systems, and John Faust of Sparta, Inc.

The CC Profiling Knowledge Base was built in support of the CC ToolBox, which was developed for NSA by Sparta, Inc., with technical consultation by NIST, NSA, The MITRE Corporation, and Mitretek Systems. 

This knowledge base was developed under NSA funding, under the auspices of NIAP.  Work on the project was administered under MITRE Army contract DAAB07-99-C201 and under Mitretek contract MDA 904-99-C-5025. 


Notice of Disclaimer

NSA and the US Government thru NIAP (National Information Assurance Partnership) are making the CC Profiling Knowledge Base TM and related tools available at no cost. In return, the knowledge base recipient agrees to hold the U.S. Government and the knowledge base developers free from any liability for loss of data or bodily or property injury or harm of any kind resulting from such use or operation. If the knowledge base is modified without express written approval by the National Security Agency, the modified knowledge base may not be called the CC Profiling Knowledge Base TM. Use or operation of the modified knowledge base constitutes an understanding and acceptance of these limitations.