Re: [STDS-P1619] New use for the Common Criteria found
is the date of this email exchange significant ;-)
Eric Hibbard wrote:
> False assumptions:
>
> * Common Criteria certification == secure product
> * Common Criteria (without specific PPs) == accepted by all nations (US
> in particular)
> * CC helps with global warming...all the tweaks to the assurance
> packages result in deforestation and increased carbon dioxide when
> previous version are incinerated (proprietary information)
>
> Nice thought though....
>
> -----Original Message-----
> From: Luther Martin [mailto:martin@VOLTAGE.COM]
> Sent: Tuesday, April 01, 2008 4:33 PM
> To: STDS-P1619@LISTSERV.IEEE.ORG
> Subject: [STDS-P1619] New use for the Common Criteria found
>
> Fight Global Warming with the Common Criteria
>
> There seems to be an unexpected benefit to Common Criteria
> certifications. It appears that they may actually be able to effectively
> combat global warming as Luther Martin from Voltage Security explains.
>
> The debate over global warming seems to be getting shriller by the day,
> with experts on both sides supporting their positions with scientific
> arguments that the average person has almost no hope of fully
> understanding. There are even more arcane arguments about what the best
> thing to do about it is. Some believe that reducing the amount of carbon
> dioxide in the air is the best approach while others argue that there
> are better ways to approach the problem, and that public funds can be
> better spent on other projects.
>
> There are essentially two ways to reduce the amount of carbon dioxide in
> the air: you can either stop adding more or you can find a way to take
> some out. Planting more trees is an easy way to remove carbon dioxide
> from the air because the cellulose fibers and the other components of
> wood are made from carbon dioxide that trees get from air. In the
> language that's used to discuss global warming, trees are a carbon
> dioxide "sink." Some businesses even promise to take advantage of this
> fact by planting additional trees to offset any emissions that their
> operations create. The information security industry may have its own
> way to take advantage of this, and it relates to the Common Criteria.
>
> Buying security products can be tricky because you can't always tell if
> they're working or not. If you have an intrusion detection system
> running, for example, you know that you're going to have false alarms as
> well as missing some real intrusion attempts, and those missed attacks
> can cause trouble. You can hope to get the number of such missed attacks
> down to an acceptable level, but you'll never really know how many you
> missed. With spam filtering you have a similar trade-off between
> mislabeling legitimate e-mail as spam and letting spam sneak through
> your filter, and unless you check the list of messages that have been
> identified as spam on a regular basis, you'll never know how many
> messages were mislabeled.
>
> If a vendor claims that their spam filtering technology only
> misidentifies 0.01 percent of legitimate e-mail as spam while catching
> 99.99 percent of all spam, you might be inclined to think that they got
> this estimate under laboratory conditions that may not reflect the
> real-world. On the other hand, if an independent testing laboratory
> comes up with the same estimate, you'd probably be more inclined to
> believe it. So one good way to work around the problem of the unknown
> quality of security products is to have an independent third-party test
> them and certify them as being good in some way. Doing this helps both
> security vendors and their customers. The vendors benefit from the trust
> that comes with such a certification as well as the shorter sales cycle
> that it can bring. Their customers benefit by the reduced effort
> required to test the products before buying them.
>
> On the other hand, too many certifications can also be a problem.
> Getting products certified is expensive and time-consuming, so vendors
> certainly don't want to do separate certifications for each country or
> for each industry segment. So from the point of view of security
> vendors, the Common Criteria is very useful. As its name tells us, it's
> supposed to be a single standard that's widely accepted. So by getting
> their products Common Criteria certified, vendors only need to get a
> single certification rather than needing to get many different
> certifications.
>
> But the Common Criteria uses a very generalized definition of a product
> that includes lots of additional specialized documentation that has
> little or no relevance to the actual security provided by the product.
> These documents are almost impossible for a non-specialist to get
> correct, and most of the time and effort spent on a Common Criteria
> certification is spent getting these documents just right. And because
> these documents are considered part of the product from the Common
> Criteria point of view, supporters of the Common Criteria can point to
> the errors that occur in these documents as proof that evaluations
> virtually always uncover "flaws" in security products. This is
> definitely not the kind of standard that security vendors or their
> customers would develop on their own, and it really doesn't provide the
> type information that most customers find useful.
>
> Because products (at least as most people would define it - which does
> not include this specialized documentation) almost never changes during
> the evaluation process, being Common Criteria certified doesn't really
> give customers much useful information about the product that they might
> buy - it just verifies that lots of unnecessary paperwork was completed.
> Because of this, customers still need to do additional security testing
> of products that are Common Criteria certified, which eliminates one of
> the key advantages that a certified product is supposed to provide. On
> the other hand, the unnecessary paperwork created by a Common Criteria
> evaluation provides an additional benefit: it helps to fight global
> warming.
>
> The reams of paper that are used for the Common Criteria documents come
> from trees, which are great carbon dioxide sinks. So the extra
> documentation that the Common Criteria process requires may actually
> have a beneficial side effect: the paper that's used for the Common
> Criteria documentation binds up carbon that came from carbon dioxide in
> the air, making it unavailable as a greenhouse gas that can contribute
> to global warming. Note that you just need to print these documents to
> get this advantage; you should feel lucky that you don't actually have
> to read them.
>
begin:vcard
fn:Sandy Stewart
n:Stewart;Sandy
org:Encryption and OEM Products;Systems Group
title:Engineering Director
tel;work:303 661 2775
tel;cell:303 249 4023
version:2.1
end:vcard