This paper presents a Common Criteria protection profile for high assurance security kernels (HASK-PP) based on the results and experiences of several international projects on the design and implementation of trustworthy platforms. The HASK-PP was motivated by the fact that no existing protection profile appropriately covers trusted computing features such as trusted boot, sealing, and trusted channels (secure channels whose endpoints are bound to an attestation of the communicating platforms). In particular, we show how trusted computing features are modeled in the HASK protection profile without depending on any concrete implementation of those features; the choice of implementation is left to the Security Target of an IT product that claims conformance to the HASK-PP. The HASK protection profile was evaluated and certified at Evaluation Assurance Level 5 (EAL5) by the German Federal Office for Information Security (BSI).