USB Portable Storage Device: Security Problem Definition Summary




Introduction

The USB Portable Storage Device (hereafter referred to as "the device" or "the TOE") is a portable storage device that provides a USB interface for connecting to a host computer. The device employs cryptographic means to provide the necessary protection of user data, the strength of which lies in the quality of the cryptographic algorithms, the mode used, the key sizes and the entropy of the authorisation factor (e.g., password, passphrase). The device encrypts the user data as it is stored on the device, and decrypts the user data as it leaves the device. The host computer plays no role in the encryption/decryption of user data.

In addition to protecting the user data, the device is also responsible for ensuring the residing system files (e.g., software, firmware) cannot be modified by untrusted entities through the logical interface. The device can also provide an optional capability for updating the device's system files (e.g. patches).

The device takes the form of a USB memory stick, which may or may not include removable memory media in the device. This cPP is not suitable for use with more general USB devices that provide access to other forms of storage such as CDs, DVDs or magnetic media, nor for more complex devices that may include memory media (such as cameras or media players).

The device, its boundaries, components and connections are depicted in Figure 1.

Figure 1: USB device boundaries, components and connections

It is intended to be used for the following scenarios:

- Transfer of sensitive data between two host computers.
- Long term storage of sensitive data.

In this cPP we refer to authorisation rather than authentication to reflect the fact that the device does not need to hold reference authentication data, or other data that identifies users as individuals. Authorisation data includes passphrases and possibly other data (such as cryptographic salt values), and is passed to the device which then processes the authorisation data to derive a Key Encryption Key (KEK). The KEK is used to encrypt a Data Encryption Key (DEK) that is generated on the device and used to encrypt and decrypt data stored on the device. The host computer plays no role in the encryption/decryption of user data, other than to gather the necessary authorisation data. Software running on the host computer to gather the authorisation data is part of the TOE, and is subject to requirements to provide certain functionality to users of the device.

In addition to user data, the device may also hold data that determines operation of the device itself (including software that may be downloaded to a host computer, such as driver software). This data is referred to as system data. System data may include (but are not limited to) software or firmware, patches, or configuration data. The host computer plays no role in protecting the system data that resides on the device.

The device also holds keying material (including keys, authorisation data [1], key components, random numbers or any other values that contribute to the creation or derivation of keys) that is stored on the TOE and used to protect user data.

[1] Note that while some authorisation data may be present on the device, the policy P.NO_STORE defined requires that reference authorisation data is not persistently stored on the TOE.

All data on the device is either user data, system data, keying material or else unused (unused areas of the device may contain old encrypted user data or encrypted system data).

Threats

A threat consists of a threat agent, an asset and an adverse action of that threat agent on that asset. The threat agents are the entities that put the assets at risk if an adversary obtains a lost or stolen device.

Threat agents

Threat agents are unauthorised users, i.e. they do not possess valid authorisation factors. They are referred to here as attackers.

Assets (resources to be protected)

The assets to be protected by the device are: the plaintext user data and keying material, which require confidentiality protection, and system data, which requires integrity protection. In general, some individual data items stored on the device will not be sensitive, but the cPP does not require distinction of security requirements at this more granular level: all user data and keying material is to be protected for confidentiality, and all system data is to be protected for integrity.

Adverse actions

The underlying consequences of all threats considered in this cPP are that an attacker could retrieve plaintext user data or keying material, or could modify system data.

Storage of User Data, Keying material and System Data

[T.UNAUTHORISED_USER_DATA_ACCESS]
The primary threat to be addressed is the unauthorised disclosure of user data stored on a device. Attackers may attempt to use the logical interface to access plaintext data, or may connect the device to a host that provides raw access to the device content (e.g. to specified disk sectors or blocks). Attackers may gain physical access to the device, and thus bypass the logical interface to obtain access to user data (perhaps by making physical modifications to the device to access its memory via their own physical connections, or the attacker might use advanced inspection equipment to read the contents of memory locations from their physical state). This threat does not include the use of side-channel attacks, which are beyond the scope of this cPP.

[T.UNAUTHORISED_SYSTEM_DATA_MODIFICATION]
Attackers may modify system data stored on a device. Attackers may attempt to use the logical interface to modify system data, or may connect the device to a host that provides raw access to the device content (e.g. to specified disk sectors or blocks). This threat does not include attacks in which the device or the data it contains are physically modified and the device is then returned to the user; such attacks are beyond the scope of this cPP.

[T.PERSISTENT_INFORMATION]
Attackers may access user data that remains unprotected due to a failure interrupting correct operation of the device. Attackers may look for unencrypted keying material giving them unauthorised access to user data.

[T.KEYING_MATERIAL_COMPROMISE]
Possession of any of the keys, authorisation data, key components, random numbers or any other values that contribute to the creation of keys or authorisation data could allow an attacker to defeat the encryption. As part of a conservative approach to security, gaining access to keying material is considered to be of equal importance to gaining access to plaintext user data or system data itself. Attackers may look for keying material in unencrypted sectors of the drive and on other peripherals in the operating environment (OE), including in memory used to support power saving modes (in the TOE or in a peripheral). Alternatively an attacker might determine a key because of insufficient entropy used in its generation.

[T.WEAK_CRYPTOGRAPHY]
Attackers may exploit weak cryptographic algorithms or perform a brute-force attack against the key space. Poorly chosen encryption algorithms, modes, or key sizes will allow attackers to compromise the algorithms, or exhaustively search the key space, giving them unauthorised access to plaintext user data or keying material with relatively low effort.

Authorisation

[T.AUTHORISATION_GUESSING]
Attackers may mount an exhaustive search (brute force) attack against the device to determine authorisation factors to gain unauthorised access to the user data stored on the device.

Updates

[T.UNAUTHORISED_UPDATE]
Attackers may attempt to perform an unauthorised update of the product, which compromises the security features of the device. Poorly chosen update protocols, signature generation/verification algorithms and parameters may allow attackers to install software and/or firmware that bypasses the intended security features and provides them unauthorised access to user data and keying material or allows modification of system data.

This threat includes attempts to make an unauthorised rollback of updates so that they are no longer applied, or to replay an old, valid update message containing a superseded update (which might allow a known vulnerability to be exploited).

Policies

[P.NO_STORE]
It is not possible to reconstruct the keys that protect user data from data persistently stored on the TOE. (This means that reference authorisation data is not persistently stored on the TOE.)

[P.RECOVERY]
If the TOE implements any mechanism to enable data recovery in the event of loss of authorisation data [2] then the TOE must allow this mechanism to be disabled, such that it cannot be re-enabled by an unauthorised user. If no data recovery mechanism is provided by the TOE then this requirement is met. A TOE that provides a data recovery mechanism is required to allow it to be disabled via configuration of the device.

[2] Such a mechanism would typically be based on the generation of additional recovery keys that enable the DEK to be recovered via inputs other than the user's usual authorisation data.

[P.AUTH_CHANGE]
The TOE enables authorised users to change the value of the authorisation data, but only when supplying correct current authorisation data as part of the change operation.

[P.NO_BOOT] (Enforced by the operational environment)
It shall not be possible to boot from the TOE in its evaluated configuration.

Assumptions

[A.USER_GUIDANCE]
Users will be instructed in secure use of the device, including (but not limited to):

- using only devices obtained from a recognised and trusted source
- handling the device as a sensitive IT resource
- choosing appropriately strong authorisation data
- storing and carrying the device separately from any record of its authorisation factor(s)
- deactivating the authorised state (i.e. the state following successful submission of authorisation data) if the TOE is to be left unattended while connected to a host PC
- not leaving the device unattended until all volatile memory has been cleared after a power-off, so that memory remnant attacks are infeasible
- not using devices that are lost and then found in circumstances that might have allowed modification by an attacker
- ensuring appropriate backup of data stored on the device (since the device is not required to provide resilience against failure and may not permit recovery).

[A.TRUSTED_HOST]
The host computer is trusted, free of malware that could interfere with the correct operation of the device. Only authorised users have access to the host computers.

[A.INITIAL_DEVICE_STATE]
No sensitive data shall be present on the device before the encryption of user data is available. While inadvertent exposure to data contained in bad sectors or un-partitioned space is unlikely, tools may be used to recover data from such areas of the drive; consequently it is assumed no sensitive user data is present before encryption is applied.

[A.TRUSTED_CONNECTION]
Communication between host computer and the device is sufficiently protected to prevent disclosure of, or tampering with, user data, keying material or system data.

Glossary

Keying material: A data item that is used in combination with other data in order to derive a cryptographic key (e.g. a passphrase, seed, or each of the values used in an xor combination).

Target of Evaluation: The set of software, firmware and/or hardware, possibly accompanied by guidance, that implements the security requirements expressed in this Protection Profile.

Abbreviations

cPP   Collaborative Protection Profile
DEK   Data Encryption Key
KEK   Key Encryption Key
RBG   Random Bit Generator
TOE   Target of Evaluation
USB   Universal Serial Bus
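
The key hierarchy described in the Introduction (authorisation data processed into a KEK, which encrypts a device-generated DEK), together with P.NO_STORE and P.AUTH_CHANGE, is sketched below as an added Python example that is not part of the cPP. The Device class, the PBKDF2 parameters and the HMAC-based wrap (a standard-library stand-in for an approved key-wrap algorithm) are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor; the cPP summary does not set one

def derive_kek(passphrase: str, salt: bytes) -> bytes:
    """Authorisation data (passphrase + salt) -> Key Encryption Key."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=32)

def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def wrap_dek(kek: bytes, dek: bytes) -> bytes:
    """Stand-in authenticated wrap (encrypt-then-MAC) for a 32-byte DEK."""
    nonce = secrets.token_bytes(16)
    pad = _mac(_mac(kek, b"enc"), nonce)           # one-time 32-byte pad
    ct = bytes(a ^ b for a, b in zip(dek, pad))
    return nonce + ct + _mac(_mac(kek, b"mac"), nonce + ct)

def unwrap_dek(kek: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _mac(_mac(kek, b"mac"), nonce + ct)):
        raise PermissionError("authorisation data rejected")
    pad = _mac(_mac(kek, b"enc"), nonce)
    return bytes(a ^ b for a, b in zip(ct, pad))

class Device:
    """Hypothetical device model: persists only a salt and the wrapped DEK."""

    def provision(self, passphrase: str) -> None:
        dek = secrets.token_bytes(32)              # DEK generated on the device
        self._store(passphrase, dek)

    def _store(self, passphrase: str, dek: bytes) -> None:
        self.salt = secrets.token_bytes(16)
        self.wrapped_dek = wrap_dek(derive_kek(passphrase, self.salt), dek)

    def unlock(self, passphrase: str) -> bytes:
        # No stored passphrase or hash to compare against (P.NO_STORE):
        # a wrong passphrase yields a wrong KEK and the unwrap check fails.
        return unwrap_dek(derive_kek(passphrase, self.salt), self.wrapped_dek)

    def change_auth(self, current: str, new: str) -> None:
        # P.AUTH_CHANGE: the DEK is only re-wrapped after the current
        # authorisation data has unwrapped it; user data is not re-encrypted.
        self._store(new, self.unlock(current))
```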