
Information Security Evaluation Standards

Chapter I
Question 1: Understanding the urgency
* Why information security evaluation (ISE) must be considered from the very first step:
- Without evaluation from the outset, revenue and reputation suffer
- Without evaluation from the outset, the product has to be redesigned and rebuilt, which is wasteful
- The consequences of a poor, insecure product cannot be undone
- Designers and manufacturers can tell whether they are on the right track
* Why ISE is necessary
To understand the urgency, we must first understand what ISE is
- In the broadest sense, ISE is the process of evaluating the security level of the information to be protected against three main security requirements
+ Confidentiality
+ Integrity
+ Availability
- Which of these requirements takes priority depends on the intended use
* Urgency
- Information security is always tied to the means used to process, store and transmit information
- Formerly such means were simple, rudimentary and not automated; ISE then addressed only IT systems, not IT products
- Today IT means are growing in number and becoming more diverse and complex in function (software, hardware, or software combined with hardware, containing components that protect and control information processing). Security evaluation is therefore needed for each product
- When IT means are used in IT operations, not only their functions but also the security functions required of them must be assured. If a product fails to provide its required security level, using it can cause enormous losses
- To know whether an IT product provides the desired security level, ISE is needed to estimate that level accurately
In practice
- Globalization has spread the use of IT and the Internet worldwide, so information security is a task for the whole world
- The growth of computer networks has multiplied the number of IT products and their functional complexity, making security assurance many times harder
- IT is used in almost every field, so security threats grow in both number and severity
- It is no longer acceptable to deploy IT products without security assurance. Assurance must be established from design and manufacture, then maintained and controlled throughout the product's operational life until it is withdrawn from use
=> ISE, together with IT product analysis and design and information security law, forms an overall triad that protects information at the highest achievable level
Question 2. Basic terms and concepts
a. IT product (Information technology product)
- A combination of hardware, software and firmware that provides a function designed for use, or combined use, in an IT system
- An IT product may be a single simple product, or several products configured as an IT system, a computer network or a solution that satisfies user requirements
Example: a software application (Word, Excel), an operating system, a smart card
b. IT security (Information Technology Security)
- All aspects of defining, achieving and maintaining confidentiality, integrity, availability, accountability, authenticity and reliability
c. ISE (Information Security Evaluation)
- The process of obtaining evidence of security assurance and analysing it against criteria for security functionality and security assurance
- ISE also builds confidence and shows how far an IT product meets specific security criteria
d. ISE criteria (Information Technology Security Evaluation Criteria, ITSEC)
- The security requirements of an IT product, expressed in two categories: functional requirements and assurance requirements
+ Functional requirements define the desired security behaviour
+ Assurance requirements are the basis for gaining confidence that the security is effective and correctly implemented
e. Evaluation Assurance Level (EAL)
- A set of functional or assurance components combined to satisfy a subset of specific security objectives
- An EAL is usually assigned to an IT product after ISE
- The EAL indicates how securely the IT product can be used
f. Protection Profile (PP) of a category of IT products: the set of implementation-independent security requirements that meet user needs
g. Target of Evaluation (TOE)
- The IT product itself together with its user and administrator guidance documentation, as submitted for evaluation
h. Security Target (ST)
- The security requirements of a specific TOE, together with a description of the functional and assurance security measures the TOE provides to satisfy them
- In other words, the ST is the complete combination of security objectives, functional and assurance requirements, summary specification and rationale used as the basis for evaluating the identified TOE
* Relationship between PP, ST and TOE

(Diagram: a single PP is claimed by several Security Targets, ST A, ST B and ST C; each ST describes its own Target of Evaluation, TOE A, TOE B and TOE C respectively.)

Comparison of PP and ST
* Similarities:
Both are sets of requirements that meet the customer's needs
* Differences:
A PP is written for a category of products, whereas an ST is written for a specific product
All requirements of the ST must derive from the PP, while the requirements of the PP are not necessarily all satisfied in the ST.
* Meaning of ISE
(1) ISE is the evaluation of a PP, a Security Target or a Target of Evaluation against defined security criteria
(2) It is the evaluation of an IT product or PP against the requirements of security criteria
Question 3. The evaluation criteria of the US Department of Defense, Europe, Canada and the US Federal Criteria
a. US Department of Defense evaluation criteria
- This was the first IT security criteria system, published in August 1983 by the US DoD under the name TCSEC (Trusted Computer System Evaluation Criteria)
- The TCSEC criteria address trusted automatic data-processing systems and current commercial systems
- They cover security features and minimum assurance measures for each distinct security specification
+ Feature requirements target information-processing systems built on general-purpose operating systems
+ Security feature requirements can also apply to systems in special environments, such as processors or computers that control communication processes
+ Assurance requirements apply to all kinds of environments and computing systems
- These requirements, and the criteria themselves, serve three purposes
+ Provide a security standard for manufacturers, telling them which security features to build into products so as to meet DoD requirements
+ Allow the DoD to evaluate products fairly and accurately
+ Evaluations must be defined both independently of environment and for a specific environment. The National Security Center (NSC) evaluates products independently of environment through the Commercial Product Evaluation Process (CPEP); the trustworthiness of a product's properties in a specific operating environment is assessed through certification evaluation
> Provide a basis for stating security requirements in product specifications: determine the security level the customer requires for their environment
- The criteria are divided into four divisions, A, B, C and D, each subdivided into classes
- Products are classified against criteria in four areas
+ Security policy
+ Accountability
+ Assurance
+ Documentation
* Divisions
- Division D: Minimal protection
+ Contains a single class (D) for systems that have been evaluated and failed to meet the requirements of divisions C through A
- Division C: Discretionary protection, two classes
+ Class C1: Discretionary security protection, for products that provide the necessary (discretionary) protection, achieved by separating users from data
+ Class C2: Controlled access protection, for products whose access control is finer-grained than C1, achieved through login procedures, auditing and resource isolation (resources kept fully separate from users)
- Division B: Mandatory protection, three classes
+ Class B1:
> Labeled security protection
> Includes the features of C2
> Requires data labelling, mandatory access control over labelled subjects and objects, and an informal statement of the security policy model
+ Class B2:
> Structured protection
> Builds on B1
> Requires a formal statement of the security policy and complete enforcement of discretionary and mandatory access control
> Strengthened authentication mechanisms
> Must address covert channels
=> B2 resists unauthorized access
+ Class B3: Security domains
> B2 requirements
> Mediates all user actions
> Resists system intrusion
> Security features must be engineered to be robust and streamlined
> Security is maintained without additional program code or information
> The system must support the administrator and auditor with backup and recovery procedures
=> B3 is highly resistant to unauthorized access
- Division A: Verified protection
+ Contains one class, A1: Verified design
+ Functionally, class A1 is equivalent to class B3
+ A1, however, applies thorough formal analysis, with formal design specification and formal verification of the security features
+ This analysis must provide high assurance that the system is correctly implemented
* Advantages
- Addresses the security criteria: security policy, accountability, assurance, a reasonable division into classes, information on covert channels and security testing guidance
- Aims to build a universal IT security criteria system for designers, users and testers
- Oriented toward defence applications, specifically operating systems
+ Focuses on the confidentiality of processed information so as to rule out its disclosure
+ Pays much attention to security labels and procedures for exporting classified information
* Disadvantages
- The assurance criteria for realising protection mechanisms and security policy are vague
- Functional and assurance requirements are not separated
- Requirements for controlling the integrity of protection mechanisms and for supporting their availability are incomplete
- It is hard to prove whether a product belongs to class A1
b. European evaluation criteria
- Aimed at the evaluation needs of commercial products and government security
- Separates the concepts of functionality level and assurance level
- Ten functionality levels, F1 to F10; F1 ~ C1 (TCSEC), F5 ~ A1 (TCSEC); from F6 onward new concepts are added

+ F6: Program and data integrity
+ F7: System availability
+ F8: Data communication integrity
+ F9: Data communication confidentiality
+ F10: Network security, including both confidentiality and integrity
- Assurance requirements define the amount and kind of testing of the product's correctness. The levels are:
+ E1: Testing
+ E2: Controlled distribution and configuration control
+ E3: Access to the detailed design and source code
+ E4: Enhanced vulnerability analysis
+ E5: Demonstrable correspondence between design and source code
+ E6: Formal models and descriptions, with formal correspondence between the two
- A product may be evaluated against several functionality levels at once, while assurance levels are cumulative
- Approximate mapping of ITSEC levels to TCSEC (functionality levels F6 to F10 have no direct TCSEC equivalent):
Functionality   Assurance   TCSEC division/class
-               E0          D
F1              E1          C1
F2              E2          C2
F3              E3          B1
F4              E4          B2
F5              E5          B3
F5              E6          A1
* Advantages
- Introduces the concept of assurance and separates it from functionality
* Disadvantages
- Defects remain even in systems certified under the criteria, and such protection defects can be exploited
c. Canadian evaluation criteria
- Evaluate the effectiveness of a product's security services
- Designed for government use, not aimed at commercial products
- Divide security requirements into two groups: functionality and assurance
- Functional requirements cover four policy categories
+ Confidentiality
+ Integrity
+ Availability
+ Accountability
- Assurance requirements consist of evaluation levels from low (T-0) to high (T-7)
- They cover requirements on: architecture, development environment, development evidence, operating environment, documentation and testing
* Advantages
- Separate functional requirements from assurance requirements and from the quality of security policy enforcement
- Functional requirements are clearly structured
- Describe all functional aspects
- Assurance requirements for policy enforcement are separated out independently
- Pay close attention to the mutual correspondence and equivalence of all security assurance mechanisms
* Disadvantages
- Requirements on design technology are still weak
- The methods and means used are not detailed enough
d. US Federal Criteria
* Objectives
- Protect the existing investment in security technology
- Improve the existing evaluation process
- Anticipate customers' changing needs
- Promote international harmonisation in IT security evaluation
- Introduce the concept of the Protection Profile (PP)
+ A set of criteria defining a specific level of security and trust for a product category
- A PP consists of functional components, development assurance and evaluation components
+ Functionality: defines the features a product must support, designed to meet the PP
+ Development assurance: specifies the level to which each product must support design, control and usage requirements
+ Evaluation assurance: covers matters such as covert channel analysis and security testing
- Defines three groups of requirements
+ Functionality: well structured, describing all functional aspects of the trusted computing base
+ Design technology: shapes how manufacturers use modern programming technology as the basis for assuring the security of the product
+ Evaluation analysis process: rather general and unclear, containing no specific methodology for testing and studying the security of IT products
* Advantages
- Uses an independent division of the requirements of each group
- Considers the remediation of defects in security mechanisms
- Introduces the PP concept
* Disadvantages
- Separating evaluation and development assurance requirements leads to many combinations of assurance requirements, which may produce many similar profiles, making evaluation and level classification excessively complex
Question 4. Cryptographic security evaluation
- IT products may contain cryptographic modules
- Evaluation of cryptographic modules is independent of ISE: ISE only concerns the analysis and evaluation of whether the cryptographic modules are actually and correctly implemented
- In 1982 US Federal Standard 1027 evaluated cryptographic equipment based on DES; it later became FIPS PUB 140
- The US and Canada jointly established FIPS PUB 140-1 as the evaluation standard for cryptographic modules in both countries
- In 2001 it was updated to FIPS PUB 140-2
- Today there is the Cryptographic Module Validation (CMV) program
- What a cryptographic module is
+ A cryptographic module is a set of hardware, firmware or software, or any combination of them, that implements cryptographic processes or principles
- FIPS PUB 140-1 and FIPS PUB 140-2 provide the security requirements for cryptographic modules installed in federal computer systems
- There are four security levels, 1 to 4
- The requirements of FIPS 140-1 include
+ Basic design and documentation
+ Module interfaces
+ Physical security
+ Software security
+ Operating system security
+ Key management
- The requirements of FIPS 140-2 cover areas relating to the secure design and implementation of cryptographic modules, such as
+ Specification
+ Ports and interfaces
+ Operating environment
+ Cryptographic key management
- FIPS 140-2 security levels
+ Security Level 1 (lowest)
Requires a FIPS-approved cryptographic algorithm but no physical security mechanisms in the module beyond the use of production-grade components
Allows the software and firmware components of a cryptographic module to run on a general-purpose computing system using an unevaluated operating system
+ Security Level 2
Higher physical security than Level 1: requires tamper-evident coatings or seals, or pick-resistant locks
Provides role-based authentication: the module authenticates the role of an authorised operator
Allows some cryptography to be implemented in software
Requires the operating system to reach at least Common Criteria (CC) evaluation level EAL2
+ Security Level 3
Requires enhanced physical security
Attempts to prevent potential intruders from gaining access to the critical security parameters held in the module
Provides identity-based authentication
Stricter requirements for entering and outputting critical security parameters
Requires CC EAL3 with a PP, a trusted path and an informal security policy model; an equivalently evaluated trusted operating system may be used
+ Security Level 4 (highest)
Provides a protective envelope around the cryptographic module that detects and responds to all attempts at unauthorised physical access
Protects the cryptographic module against loss of security caused by environmental conditions or fluctuations outside the module's normal operating ranges for voltage and temperature
Allows the software and firmware components of the cryptographic module to run on a general-purpose computing system using an operating system that meets the functional requirements specified for Level 3 and is evaluated at CC assurance level EAL4 or higher
Chapter II
Question 1: Distinguishing the concepts of secure and trusted
Concepts relating to security and trust
Answer
Secure system or product
- A secure system or product is one capable of resisting every kind of attack, everywhere and at all times
- Such systems or products are ideals. In practice they cannot be achieved; only an approximate, acceptable level is reached
- Trust depends on the requirements of the user, not on the manufacturer or distributor
Secure                                                   Trusted
- Either-or: something is either secure or not           - Graded: there are degrees of trust
- Belongs to the manufacturer                            - Belongs to the user
- Conclusion: based on the product's characteristics     - Evaluation: based on evidence and analysis
- Absolute: no restriction on how, where, when or        - Relative: considered in the context of use
  by whom it is used
- A goal                                                 - A characteristic
* Basic concepts
1. Trusted process:
- A process that affects system security
- A process whose misbehaviour or incorrectness could violate the system security policy
2. Trusted product:
- A product that has been evaluated and accepted
3. Trusted software
- The software part of a system on which the system can rely to enforce the security policy
4. Trusted computing base
- The totality of protection mechanisms in a computing system, including hardware, firmware and software, that together enforce a unified security policy over the product or system
5. Trusted system
- A system that uses integrated hardware and software measures allowing it to be used to process sensitive information
Question 2: Understanding security policies
+ Distinguish military and commercial security policies
+ Know some typical policies
Answer
* A security policy is the set of security requirements that a system must comply with
1. Distinguishing military and commercial security policies
a. Military security policy
- Based on protecting classified information
- Classification levels: unclassified, restricted, confidential, secret and top secret
- The combination of a classification and compartments, <rank, compartments>, is called the class (or category) of information
- Two mandatory requirements
+ Sensitivity requirements: hierarchical
+ Need-to-know requirements: non-hierarchical
- Anyone who wants to access sensitive information must have a clearance
- A clearance indicates
+ The specific sensitivity level that a trusted person is allowed to access
+ The kinds of sensitive information the person needs to know
+ The clearance of a subject is the pair <rank; compartments>
2. Commercial security policies
- Divide information into three sensitivity levels: public, proprietary and internal
- Differ from military security policy
+ No concept of clearance
+ Access permission rules are less strictly enforced
- Concerned mainly with read access
+ Aim only at confidentiality
+ Pay little attention to integrity and availability
3. Some typical commercial security policies
a. The Clark-Wilson commercial security policy:
- Focuses on the integrity of well-formed transactions
- Principles
+ The receiving clerk does not sign the delivery note unless a matching purchase order has been received
+ The accountant does not issue a cheque unless the delivery note has been received
- Only authorised persons may sign delivery notes and purchase orders
- Performing the steps in order, performing exactly the listed steps, and authenticating the individuals who perform them together make a well-formed transaction
b. Separation of duty policy
- The policy is a division of responsibility
- Principles
+ In a small company one person may simultaneously be authorised to place orders, receive goods and write cheques
+ To avoid abuse, it is best to have three separate people each responsible for one of these tasks
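The Clark-Wilson transaction and the separation-of-duty rule above can be enforced together by a small policy checker. The following is an added example, not code from the original notes; the step names, the three roles and the sample users are constructed for illustration, and users are assumed to have been authenticated before the checker is consulted.

```python
"""Well-formed purchase transaction (Clark-Wilson) with separation of duty.

Added example, not from the original study notes. Step names, roles and
users are constructed assumptions."""
from dataclasses import dataclass, field

# The ordered steps of the well-formed transaction described in the notes.
STEPS = ("purchase_order", "delivery_note", "cheque")
# The single role allowed to certify each step (separation of duty).
STEP_ROLE = {"purchase_order": "purchaser",
             "delivery_note": "receiving_clerk",
             "cheque": "accountant"}


class PolicyViolation(Exception):
    """Raised when a step would break ordering, authorisation or separation of duty."""


@dataclass
class Transaction:
    order_id: str
    done: list = field(default_factory=list)   # (step, user) pairs in execution order

    def is_complete(self):
        return len(self.done) == len(STEPS)


class Enforcer:
    def __init__(self, roles):
        self.roles = roles   # user -> set of roles; identities assumed already authenticated

    def perform(self, tx, step, user):
        if step not in STEPS:
            raise PolicyViolation(f"{step!r} is not a step of this transaction")
        if tx.is_complete():
            raise PolicyViolation(f"{tx.order_id} is already complete")
        expected = STEPS[len(tx.done)]
        if step != expected:                      # steps must happen in order
            raise PolicyViolation(f"{step} attempted before {expected}")
        if STEP_ROLE[step] not in self.roles.get(user, set()):
            raise PolicyViolation(f"{user} is not authorised to certify {step}")
        if any(u == user for _, u in tx.done):    # no one certifies two steps
            raise PolicyViolation(f"{user} already certified a step of {tx.order_id}")
        tx.done.append((step, user))
        return tx


def attempt(enforcer, tx, step, user):
    """Return 'ok' or the violation text, so callers can log the decision."""
    try:
        enforcer.perform(tx, step, user)
        return "ok"
    except PolicyViolation as exc:
        return str(exc)


if __name__ == "__main__":
    roles = {"alice": {"purchaser"}, "bob": {"receiving_clerk"},
             "carol": {"accountant"}}
    enf, tx = Enforcer(roles), Transaction("PO-1")
    for step, user in [("cheque", "carol"), ("purchase_order", "alice"),
                       ("delivery_note", "bob"), ("cheque", "carol")]:
        print(step, user, "->", attempt(enf, tx, step, user))
```

Note that the check for the wrong user and the check for duplicate certification are independent: a user holding all three roles, as in the small-company case from the notes, is stopped by the duplicate-certification rule even though the role check would let them through.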
c. Chinese Wall security policy
- Reflects certain commercial requirements for protecting access to information
- A confidentiality policy motivated by commercial needs
* Basis of the policy
- People working for companies in different fields often have conflicts of interest
- The conflict arises when one person could obtain sensitive information about competing companies
* Principle for dividing information into objects (files)
- Each company has its own file
- Label: contains the objects relating to one company
- Conflict-of-interest class: contains all the groups of objects belonging to competing companies
* Information access rules
- A person may access any information except information from different companies within the same conflict-of-interest class
- Within one conflict-of-interest class, a person may access the objects of only one competing company
- The other competing companies in that class are closed to that person
- A person may move to a conflict-of-interest class they have never accessed, and there again may access only one competing company
* The Chinese Wall policy is a commercially motivated confidentiality policy, whereas most commercial policies focus on integrity
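The read rule above depends on history: whether a request is allowed depends on what the same user has already read. The following added example (not code from the original notes) keeps that history per user and applies the rule; the companies, conflict-of-interest classes and file names are a constructed sample.

```python
"""Chinese Wall read-access rule with per-user access history.

Added example, not from the original study notes. The dataset below is
constructed: two banks compete, two oil companies compete, the bakery
competes with nobody."""

# object -> (company, conflict-of-interest class)
DATASET = {
    "bankA_ledger.xlsx": ("BankA", "banking"),
    "bankB_ledger.xlsx": ("BankB", "banking"),
    "oilX_reserves.pdf": ("OilX", "oil"),
    "oilY_reserves.pdf": ("OilY", "oil"),
    "bakery_menu.txt":   ("Bakery", "food"),
}


class ChineseWall:
    def __init__(self, dataset):
        self.dataset = dataset
        self.history = {}   # user -> set of (company, coi_class) already read

    def may_read(self, user, obj):
        """Allowed unless the user already read a *different* company
        in the *same* conflict-of-interest class."""
        company, coi = self.dataset[obj]
        for prev_company, prev_coi in self.history.get(user, set()):
            if prev_coi == coi and prev_company != company:
                return False
        return True

    def read(self, user, obj):
        """Mediate a read; on success the wall for this user moves."""
        if not self.may_read(user, obj):
            return False
        self.history.setdefault(user, set()).add(self.dataset[obj])
        return True

    def open_companies(self, user):
        """Companies the user could still read: a handy view for auditing."""
        return sorted(c for o, (c, _) in self.dataset.items() if self.may_read(user, o))


if __name__ == "__main__":
    wall = ChineseWall(DATASET)
    for obj in ("bankA_ledger.xlsx", "bankB_ledger.xlsx", "oilY_reserves.pdf"):
        print("ann reads", obj, "->", wall.read("ann", obj))
    print("still open to ann:", wall.open_companies("ann"))
```

Re-reading the same company is always allowed, and a second user starts with an empty history, so the wall is built per person, not per file.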
Question 3: Security models
Answer
1. Purpose of a security model and its advantages
- A security model is used to test the completeness and consistency of a specific security policy
- To document a security policy
- To conceptualise and design an implementation, and to check whether the implementation meets its requirements
* Advantages
- Decides user access to objects
- The policy is established independently of any particular environment
2. Some typical security models
a. Lattice model of secure access
- A lattice is a mathematical structure of elements under a relational operator
+ The elements of the lattice are partially ordered
+ Every pair of lattice elements has a least upper bound and a greatest lower bound
+ The greatest element of the lattice is <top secret, all compartments>
+ The least element of the lattice is <unclassified, no compartments>
b. Bell-LaPadula security model
- A formal description of the permitted paths of information flow in a secure system
* Purpose
- Identify which communications are permitted, which is critical to maintaining confidentiality
- Define the security requirements for systems that handle data concurrently at different sensitivity levels
* Limitations
- Concerned only with confidentiality
- Does not specify how access rights change, nor how subjects and objects are created and deleted
c. Biba integrity model:
- Purpose: prevent inappropriate modification of data
- Addresses integrity, ignoring confidentiality
- Key property: No read down + No write up
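The clearance pairs <rank, compartments> from Question 2, the lattice of Question 3a, and the Bell-LaPadula and Biba rules of 3b and 3c all rest on one "dominates" relation. The following added example (not code from the original notes) implements that relation, the least upper and greatest lower bounds, and both sets of access rules on top of it; the rank order follows the notes, while the compartment names and sample labels are constructed.

```python
"""Classification lattice of <rank, compartments> labels with the
Bell-LaPadula and Biba access checks built on it.

Added example, not code from the original study notes. The compartment
names and the sample labels are constructed for illustration."""
from dataclasses import dataclass

# Hierarchical sensitivity part, lowest first (the ranks named in the notes).
RANKS = ("unclassified", "restricted", "confidential", "secret", "top secret")
# Non-hierarchical need-to-know part; these three names are constructed.
ALL_COMPARTMENTS = frozenset({"nuclear", "crypto", "finance"})


@dataclass(frozen=True)
class Label:
    rank: str
    compartments: frozenset

    def dominates(self, other):
        """self >= other: rank at least as high AND a superset of compartments.
        Labels that differ in opposite directions are incomparable."""
        return (RANKS.index(self.rank) >= RANKS.index(other.rank)
                and self.compartments >= other.compartments)


def lub(a, b):
    """Least upper bound: the higher rank and the union of compartments."""
    return Label(max(a.rank, b.rank, key=RANKS.index), a.compartments | b.compartments)


def glb(a, b):
    """Greatest lower bound: the lower rank and the intersection of compartments."""
    return Label(min(a.rank, b.rank, key=RANKS.index), a.compartments & b.compartments)


TOP = Label("top secret", ALL_COMPARTMENTS)     # greatest element of the lattice
BOTTOM = Label("unclassified", frozenset())     # least element of the lattice


# Bell-LaPadula (confidentiality): no read up, no write down.
def blp_can_read(subject, obj):
    return subject.dominates(obj)


def blp_can_write(subject, obj):
    return obj.dominates(subject)


# Biba (integrity), reading the same labels as integrity levels:
# no read down, no write up.
def biba_can_read(subject, obj):
    return obj.dominates(subject)


def biba_can_write(subject, obj):
    return subject.dominates(obj)


def demo():
    """Decisions for a few constructed label pairs, as a dict for inspection."""
    clerk = Label("secret", frozenset({"crypto"}))
    memo = Label("confidential", frozenset())
    plan = Label("top secret", frozenset({"crypto", "nuclear"}))
    return {
        "blp_read_memo": blp_can_read(clerk, memo),      # read down: allowed
        "blp_read_plan": blp_can_read(clerk, plan),      # read up: blocked
        "blp_write_plan": blp_can_write(clerk, plan),    # write up: allowed
        "blp_write_memo": blp_can_write(clerk, memo),    # write down: blocked
        "biba_write_memo": biba_can_write(clerk, memo),  # write down: allowed in Biba
        "biba_read_memo": biba_can_read(clerk, memo),    # read down: blocked in Biba
    }


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:16s} {decision}")
```

The two models are mirror images of each other on the same lattice, which is why a system that needs both confidentiality and integrity usually keeps two separate label sets rather than reusing one.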
d. Graham-Denning model:
- Comprises:
+ A set of subjects
+ A set of objects
+ A set of rights
+ And an access control matrix
Access control matrix:
Rows hold the subjects, columns hold the objects
- The content of each matrix element expresses the rights of the subject over the object
- Each object has a designated subject, called its owner, with special rights
- Each subject has another designated subject, called its controller, with special privileges
- There are eight basic protection rules:
+ How to securely create an object
+ How to securely create a subject
+ How to securely delete an object
+ How to securely delete a subject
+ How to securely provide the read access right
+ How to securely provide the grant access right
+ How to securely provide the delete access right
+ How to securely provide the transfer access right
- Uses commands of the form:
    command c(x1, ..., xk)
        if r1 in M[xs1, xo1] and ... and rm in M[xsm, xom]
        then op1; ...; opn
e. Harrison-Ruzzo-Ullman model
- The foundation of authorisation systems
- Shows how rights change
- Uses commands
    command c(X1, ..., Xk)
        if r1 in M[Xs1, Xo1] and ... and rm in M[Xsm, Xom]
        then op1; ...; opn        (each opi is a primitive operation)
f. Take-Grant model:
- Represents the system as a graph
+ Vertices: subjects or objects
+ Edges: labelled, denoting the rights of the source vertex over the vertex the edge points to
- Four operations: Create, Delete, Take and Grant
+ Create and Delete are the same as the operations of the Graham-Denning model
+ Take and Grant are two new operations
- The model is useful because it identifies the conditions under which a user can gain access to an object
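The following added example (not code from the original notes) builds the protection graph with the four operations and, for the last point above, computes which rights a vertex can eventually obtain by applying take and grant exhaustively. Vertex names and initial rights are constructed. The closure deliberately excludes create, so it is a lower bound on the full can_share predicate of the model, not the complete theorem.

```python
"""Take-Grant protection graph: create, remove, take, grant, plus a
take/grant closure used to answer "can x ever get right r on z?".

Added example, not from the original study notes. Vertex names and the
initial edges are constructed. Rights are single letters: t (take),
g (grant), r (read), w (write)."""


class TakeGrant:
    def __init__(self):
        self.subjects = set()
        self.objects = set()
        self.edges = {}     # (src, dst) -> set of rights src holds over dst

    def add(self, name, subject=True):
        (self.subjects if subject else self.objects).add(name)

    def rights(self, a, b):
        return self.edges.get((a, b), set())

    def _add_edge(self, a, b, rs):
        self.edges.setdefault((a, b), set()).update(rs)

    def create(self, x, new, rs, subject=False):
        """x creates a new vertex and receives rights rs over it."""
        if x not in self.subjects or new in self.subjects | self.objects:
            return False
        self.add(new, subject); self._add_edge(x, new, rs); return True

    def remove(self, x, y, rs):
        """x drops rights rs from its own edge to y."""
        if x not in self.subjects or (x, y) not in self.edges:
            return False
        self.edges[(x, y)] -= set(rs); return True

    def take(self, x, y, z, rs):
        """x holds t over y and y holds rs over z  =>  x gets rs over z."""
        if x not in self.subjects or "t" not in self.rights(x, y) \
                or not set(rs) <= self.rights(y, z):
            return False
        self._add_edge(x, z, rs); return True

    def grant(self, x, y, z, rs):
        """x holds g over y and x holds rs over z  =>  y gets rs over z."""
        if x not in self.subjects or "g" not in self.rights(x, y) \
                or not set(rs) <= self.rights(x, z):
            return False
        self._add_edge(y, z, rs); return True

    def closure(self):
        """Copy of the graph with take and grant applied until nothing changes.
        No vertices are created, so this under-approximates can_share."""
        g = TakeGrant()
        g.subjects, g.objects = set(self.subjects), set(self.objects)
        g.edges = {k: set(v) for k, v in self.edges.items()}
        changed = True
        while changed:
            changed = False
            for (x, y), rxy in list(g.edges.items()):
                if x not in g.subjects:
                    continue
                for (a, b), rab in list(g.edges.items()):
                    if "t" in rxy and a == y and not rab <= g.rights(x, b):
                        g._add_edge(x, b, rab); changed = True
                    if "g" in rxy and a == x and not rab <= g.rights(y, b):
                        g._add_edge(y, b, rab); changed = True
        return g

    def can_share(self, r, x, z):
        """Can x obtain right r over z through take/grant steps alone?"""
        return r in self.closure().rights(x, z)


if __name__ == "__main__":
    g = TakeGrant()
    for s in ("alice", "bob", "carol"):
        g.add(s)
    g.add("file", subject=False)
    g._add_edge("alice", "bob", {"t"})      # alice can take from bob
    g._add_edge("bob", "file", {"r", "w"})  # bob reads and writes the file
    g._add_edge("bob", "carol", {"g"})      # bob can grant to carol
    print("alice can read file?", g.can_share("r", "alice", "file"))
    print("carol can write file?", g.can_share("w", "carol", "file"))
```

Running `can_share` before any operation answers the question the model is praised for: it shows that alice can reach the file through bob without any explicit edge to it, which a plain inspection of the matrix row for alice would miss.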
Question 4. Security kernel
a. Trusted Computing Base (TCB)
- The mechanisms, made up of a combination of software, firmware and hardware, responsible for enforcing the security policy (as defined by the Orange Book)
b. Reference monitor model: enforces the authorised access relations between the subjects and objects of the system
- Design requirements for its implementation:
+ Isolation
+ Completeness
+ Verifiability
c. Security kernel (as defined by the Orange Book): the software, firmware and hardware components of the TCB that implement the reference monitor concept
* Advantages of the security kernel approach:
+ Simplicity
+ Convenient for designing highly trusted systems
* Disadvantages:
+ Implementing a security kernel reduces system performance
+ The presence of a kernel does not guarantee that it contains all the security functions or that it is correctly implemented
+ The kernel can sometimes be large
Question 5. Security perimeter
- The imaginary boundary of the TCB
+ In highly trusted systems, the TCB must be designed and implemented so that the system components lie within this boundary
+ Interfaces crossing the security perimeter must comply with the system's security requirements
- For distributed systems and systems supporting network connections:
+ An entire computer system, or even a local network, may lie inside the security perimeter, connected to the outside world through a trusted system commonly called a gateway
+ This is the control point for communication between systems, and between trusted and untrusted networks
- For a general-purpose, kernel-based operating system
+ The TCB consists of the kernel and the trusted processes
- For a special-purpose operating system:
+ The TCB may include parts of the applications or even the whole system
- The security perimeter is the boundary separating the TCB from the rest of the system
There must be a trusted path between the user and the TCB so that untrusted components cannot corrupt the user's intent or deceive the user
Thus the security perimeter contains only those system components responsible for maintaining system security
Question 6. Information system principles
1. C2 standard principles
- C2 is the controlled access protection class
- C2 has four primary principles:
+ Security policy
+ Accountability
+ Assurance
+ Documentation
* Security policy:
- Precise, explicit requirements that the system must enforce
- Two sub-criteria:
+ Discretionary access control: the TCB must define and control access by named users to named objects
+ Object reuse: all access authorisations of the previous subject to an object must be removed
* Accountability:
- Audit information must be selectively kept and protected
- Two sub-criteria:
+ Identification and authentication:
- Users must declare their identity before performing actions
- The user's identity must be authenticated
+ Audit: audit records must be created, maintained and protected
* Assurance:
- It must be assured that the system enforces the four security requirements
- Two sub-criteria:
+ Operational assurance:
- The TCB must have a domain of its own for execution
- System integrity must be assured
+ Life-cycle assurance:
- The security mechanisms must be tested
- These mechanisms must work as published in the system documentation
* Documentation:
- Four sub-criteria
+ Security features user's guide:
- Describes the protection mechanisms provided
- Gives usage guidance to users
+ Trusted facility manual:
- Gives warnings about the functions and privileges that must be controlled when operating the security facility
- Gives procedures for examining and maintaining the audit files, and the detailed audit record structure for each type of audit event
+ Test documentation: describes
- The test plan
- The test procedures
- The test results
+ Design documentation:
- Describes the manufacturer's philosophy of protection
- Explains how that philosophy is translated into the TCB
=> In summary:
- The C2 standard principles are only general; they do not specify practice
- The type of product and system in common use must be identified when applying them to a specific computer network
- No product completely follows the principles of the C2 standard
2. GSSP principles
- A set of pervasive principles for enforcing information protection
- Developed by the GSSP committee of the Information Systems Security Association (ISSA)
- Concerned with the individuals who manage information system security rather than with information products
- Still evolving
- At present the principles are arranged in three levels:
+ Pervasive principles
+ Broad functional principles
+ Detailed principles
a. Pervasive principle of accountability:
- Information security accountability and responsibility must be clearly defined and acknowledged
b. Awareness principle:
- All parties with a need to know should be able to access the principles, standards, conventions and mechanisms for the security of information and information systems, and should be informed of the applicable threats to information security
c. Ethics principle:
Information should be used, and information security administered, in an ethical manner
d. Multidisciplinary principle: principles, standards, conventions and mechanisms for the security of information and information systems should address the considerations and viewpoints of all interested parties
e. Proportionality principle: information security controls should be proportionate to the risks of modification, denial of use or disclosure of information
f. Integration principle:
Principles, standards, conventions and mechanisms for information security should be coordinated and integrated with each other and with the organisation's policies and procedures, to create and maintain security throughout the information system
g. Timeliness principle:
All accountable parties should act in a coordinated and timely manner to prevent or respond to breaches of, and threats to, the security of information and information systems
h. Assessment principle: risks to information and information systems should be assessed periodically
i. Equity principle: management shall respect the rights and dignity of individuals when setting policy and when selecting, implementing and enforcing information security measures
Broad functional principles:
1. Information security policy: management must ensure that policy and the supporting standards, baselines, procedures and guidelines are developed
2. Awareness and education: management must communicate the information security policy to all personnel and ensure that all are appropriately aware. Education covers the standards, baselines, procedures and guidelines
3. Accountability: management must hold all parties accountable for their access to and use of information, such as additions, modifications, copying and deletions, and of the supporting IT resources. It must be possible to record the date, time and responsible individual for all significant events
4. Information management: management must routinely catalogue and value information assets and assign levels of sensitivity and criticality. Information, as an asset, must be uniquely identified and responsibility for it must be assigned
5. Environmental management: management must consider and compensate for the risks inherent in the internal and external environments where information assets and the supporting IT resources and assets are stored, transmitted or used
6. Personnel qualifications: management must establish and verify the qualifications relating to integrity, need-to-know and technical competence of all parties with access to information assets or supporting IT resources
7. System integrity: management must ensure that all the properties of systems and their characteristics
8. Information system life cycle: management must ensure that security is addressed at all stages of the system life cycle
9. Access control management:
10. Contingency planning and operational continuity
11. Information risk management
12. Infrastructure and network security
13. Legal, regulatory and contractual requirements of information security
14. Ethical practices.
3. Specific (detailed) security principles
Many principles support one or more of the broad functional principles.
Chapter III
Question 1: Understanding the functional requirements and the assurance requirements; understanding the function and nature of the requirements
Answer
1. Security functional requirements (SFR)
- SFRs follow a hierarchical structure from high to low: class, family, component, element.
- They describe the expected behaviour of the TOE.
1.1. Security audit class FAU
* Purpose:
- Monitor, record, analyse and report information relating to security events
1.2. Communication class FCO
* Purpose
- Assure the identities of the sender and recipient of transmitted information, countering repudiation of the communication
1.3. Cryptographic support class FCS
* Purpose
- Manage and control the operational use of cryptographic keys
1.4. User data protection class
* Purpose
- Protect user data and the security attributes associated with it within the TOE
- Protect data as it is imported, exported and stored
1.5. Identification and authentication class
* Purpose
- Ensure unambiguous identification of authorised users and correct association of security attributes with users and subjects
1.6. Security management class FMT
* Purpose
- Manage security attributes, security data and security functions
- Define security roles
1.7. Privacy class FPR
* Purpose
- Protect users against discovery and misuse of their identity
1.8. Protection of the TOE security functions class FPT
* Purpose
- Maintain the integrity of the management functions and data of the TOE security functions
1.9 Resource utilisation class FRU
* Purpose
- Ensure the availability of system resources through fault tolerance and allocation of services by priority
1.10. TOE access class FTA
* Purpose
- Control the establishment of user sessions
1.11. Trusted path/channels class FTP
* Purpose
- Provide a trusted communication path between users and the TOE security functions, and between the TOE security functions and other trusted IT products
2. Security assurance requirements (SAR)
- Organised hierarchically in the same way as the security functional requirements
2.1 Protection profile evaluation class APE
* Purpose
- Demonstrate that the PP is complete, consistent and technically sound
2.2 Security target evaluation class ASE
* Purpose
- Demonstrate that the security target is complete, consistent and technically sound
2.3 Configuration management class ACM
* Purpose
- Control the process by which the TOE and its related documentation are developed, refined and modified
2.4 Delivery and operation class, denoted ADO
* Purpose
- Ensure correct delivery, installation, generation and start-up of the TOE
2.5 Development class, denoted ADV
* Purpose
- Ensure that the development process is methodical by requiring various levels of design and specification
2.6. Guidance documents class AGD
* Purpose
- Ensure that all relevant aspects of the secure operation and use of the TOE are documented in the administrator and user guidance
2.7. Life-cycle support class ALC
* Purpose
- Ensure that methodical processes are followed in the operation and maintenance phases so that security integrity cannot be broken
2.8 Tests class ATE
* Purpose
- Ensure adequate test coverage, depth of testing, independent testing and functional testing
2.9 Vulnerability assessment class AVA
* Purpose
- Analyse the existence of potential vulnerabilities
2.10 Maintenance of assurance class AMA
* Purpose
- Ensure that the TOE will continue to meet its security target
Question 2: Understanding the EALs
- Usually products reach only EAL4
- Each EAL has its own constraints on cost, schedule, testing and tasks.
- Purpose: ensure that the TOE is neither over-protected nor under-protected.
* Developed on the basis of the assurance classes:
- From EAL1 to EAL7 they comprise:
+ Configuration management
+ Delivery and operation
+ Development
+ Guidance documents
+ Life-cycle support
+ Tests
+ Vulnerability assessment
=> + EAL requirements
+ New requirements
+ Main security assurance requirements
+ Supporting security assurance requirements
+ Increasing hierarchy of each component
* The levels
EAL1: Functionally tested
EAL2: Structurally tested
EAL3: Methodically tested and checked
EAL4: Methodically designed, tested and reviewed
EAL5: Semiformally designed and tested
EAL6: Semiformally verified design and tested
EAL7: Formally verified design and tested; this level represents white-box testing
Question 3: Distinguishing PP and ST
a. PP
- A formal document expressing an implementation-independent set of security requirements, both functional and assurance, for an IT product or system that meets the specific needs of customers
- The PP development process guides customers in clarifying, defining and validating their security requirements => the end result is used to convey these requirements to potential developers and provides the basis for developing the security target and for formal evaluation of the product
- Purpose of the PP:
+ State the security problem rigorously for a given set or family of IT systems or products, namely the TOE
+ Specify the security requirements that address the problem, without specifying how those requirements will be implemented
b. Security Target
- An implementation-dependent response to a PP
+ The PP only specifies the security functional and assurance requirements
+ The ST provides a detailed design which, combined with the functional security mechanisms and the security assurance criteria, can fulfil those requirements
- ST evaluation focuses on checking whether it interprets the requirements of the PP consistently, correctly, completely and fully
- The ST is written by the product developer in response to a PP, read by potential customers, and reviewed by the evaluator
Chng IV
Cu 1: Hiu c bn cht ca CEM
Tr li
CEM(Common Evaluation Methodogy-Phng php lun nh gi chung)
-CEM cung cp hng dn c th cho ngi nh gi

17

+ Vn dng v din gii nhng SAR


+ Nhng hnh ng ca nh pht trin SAR
- i tng s dng:
+ Ngi nh gi chnh m p dng CC
+ Ngi cp chng nhn
+ Ngi ti tr nh gi
+ Ngi pht trin
+ Ngi vit PP/ST
+ Nhng ngi khc mun quan tm
- CEM gm c hai phn v mt mc b sung
* Phn 1:
+ Xc nh nhng nguyn l lm nn cho nhng nh gi
+ Vch ra nhng vai tr ca nh ti tr, nh pht trin, nh nh gi v nh thm quyn nh gi
quc gia
* Phn 2:
+ c t phng php lun thng qua nhng tc v, tc v con, hot ng, hot ng con, hnh ng
v n v cng vic ca ngi nh gi
+ Mc b sung: hng dn nh gi cho h khc ph sai st ca lp m bo vng i ALC_FLR
-CEM tp trung vo nhng hnh ng m ngi nh gi phi tin hnh
* Mc ch:
Xc nh nhng yu cu tiu ch chung CC i vi TOE c cp n.
- CEM tp trung vo nhng hnh ng m nhng ngi nh gi phi tin hnh
Mc ch: Xc nh nhng yu cu tiu ch chung CC i vi TOE c cp n
-Nhng nguyn tc nh gi ca CEM:
+Tnh ph hp: Cc hot ng nh gi phi ph hp
+Tnh v t: Tt c nhng nh gi khng c thin lch
+Tnh khch quan: Nhng kt qu nh gi c a ra vi cc quan im mang tnh ch quan ti
thiu nht
+Tnh lp li v tnh ti to: nh gi lp li cng mt TOE hay PP i vi cng nhng yu cu,
cng mt bng chng nh gi phi thu c cng nhng kt qu
+ Tnh mnh ca nhng kt qu: Nhng kt qu nh gi phi y v chnh xc v mt k thut
- Cc bn tham gia trong qu trnh nh gi:
Nh ti tr: L thc th mun cho nh gi c thc hin
+ C th l khch hng hay c quan ca nh pht trin
+ C trch nhim khi hot quan h hp ng vi ngi nh gi v cung cp tt c nhng cng c
CC c yu cu i vi nh gi
Nh pht trin l thc th sinh ra nhng sn phm CC
* Trch nhim:
+Cung cp h tr i vi ngi nh gi trn c s c yu cu
+ Thc hin nhng phn t hnh ng ca nh pht trin c c t bi EAL trong PP
+ Duy tr ni dung gn kt v s th hin ca bng chng
Nh nh gi: L ngi thuc c quan thc hin vic nh gi
+ Trc tip tham gia nhiu nht vo mt qu trnh nh gi
+ Nhn bng chng nh gi t nh pht trin hoc t nh ti tr
+ Thc hin cc thao tc thnh phn v nh gi
+ a kt qu ca cc hnh ng nh gi cho c quan c thm quyn nh gi
C quan c thm quyn nh gi (Evaluation Authotity Ngi c xc nhn hp l):

18

+ A legal entity responsible for establishing and maintaining an evaluation scheme
+ Monitors the evaluation carried out by the evaluator
+ Issues reports, approval certificates and licences
Overseer:
+ Monitors the whole evaluation to ensure that it is carried out according to the CC and the CEM
+ Appointed by the evaluation authority
+ Accepts or rejects the final conclusions
+ Documents and justifies oversight decisions to the evaluation authority
Relationships between the parties to an evaluation:
- Permitted: the parties may influence one another as long as the evaluation principles are not violated
- Not permitted: influence between parties that could lead to a violation of the evaluation principles
- Possible evaluator verdicts. Pass, when:
+ all the constituent evaluator action elements are met
+ all requirements have been applied
+ the developer has satisfied all of the following:
- the SFRs
- the SARs
- the developer action elements
- the content and presentation of evidence criteria
* Inconclusive (no verdict can be reached)
* Some CEM terms:
- Technical report (the ETR):
+ A report documenting the overall verdict and its justification
+ Written by the evaluator and submitted to the validator and the sponsor
=> Purpose: to document and justify the evaluation results, in particular the validity of the verdict
+ It is sent first to the sponsor and the national authority
+ then to the developer and potential customers
- Observation report (OR): a report requesting clarification or identifying problems arising during the evaluation
+ Produced by the evaluator
+ Purpose: serves as the formal evaluation document for requesting clarification of particular points and identifying potential problems
- Activity: the application of a CC assurance class
- Sub-activity: the application of a CC assurance component
- Action:
+ An evaluator action element
+ Either stated explicitly as evaluator actions, or derived from the developer actions in the assurance components of CC Part 3 (implied evaluator actions)
- Task and sub-task: specific CEM evaluation work that is not derived directly from the CC requirements
At the top level, evaluation tasks fall into two kinds:
+ the input task (management of evaluation evidence)
+ the output task
Purpose of the input task: to ensure that the evaluator has a complete and current set of evidence
The sponsor is responsible for providing all the evidence to the evaluator
+ The CEM recommends that the evidence be further itemised in a list giving the current version numbers
- The evaluator is responsible for three sub-tasks of the input task:
+ Maintaining the exact configuration of the evidence supplied and protecting it from accidental or deliberate modification or loss
+ Protecting the confidentiality of the evidence according to the sensitivity determined by the sponsor
+ Disposing of the evaluation evidence once it is no longer needed, by mutual agreement with the sponsor
- Purpose of the output task: to document the observations and conclusions produced during the evaluation
+ The CEM specifies the content and format of the resulting information to ensure consistency and repeatability of evaluations
+ The CEM defines only the minimum acceptable information content of evaluation reports
+ The CEM defines two output sub-tasks: the observation report and the evaluation report
- Verdict: pass, fail or inconclusive, assigned by the evaluator to a CC evaluator action element, assurance component or assurance class
- Work unit: the smallest unit of evaluation work, derived from an evaluator action element or from a content-and-presentation-of-evidence element
- Reading the notation: see the textbook; example: 3:ADO_IGS.1-2
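The notation above (3:ADO_IGS.1-2 reads as EAL 3, class ADO, family IGS, component 1, work unit 2) and the pass/fail/inconclusive verdicts described earlier lend themselves to a small tool. The Python below is an added example, not part of the original notes or of the CEM itself: it parses work-unit identifiers and rolls verdicts up from work units to components and assurance classes; the sample verdicts are constructed.

```python
import re
from collections import defaultdict

# CEM work-unit identifier, e.g. "3:ADO_IGS.1-2": EAL 3, class ADO, family IGS,
# component 1, work unit 2. PP/ST work units (APE_*, ASE_*) carry no EAL prefix.
WORK_UNIT_RE = re.compile(
    r"^(?:(?P<eal>\d):)?(?P<cls>[A-Z]{3})_(?P<fam>[A-Z]{3})\.(?P<comp>\d+)-(?P<unit>\d+)$")


def parse_work_unit(ident):
    """Split a work-unit identifier into its fields; reject anything malformed."""
    m = WORK_UNIT_RE.match(ident)
    if not m:
        raise ValueError(f"not a CEM work-unit identifier: {ident!r}")
    d = m.groupdict()
    return {"eal": int(d["eal"]) if d["eal"] else None,
            "class": d["cls"], "family": d["fam"],
            "component": f"{d['cls']}_{d['fam']}.{d['comp']}",
            "unit": int(d["unit"])}


def rollup(verdicts):
    """Verdict of a whole from the verdicts of its parts: fail if any part fails,
    pass only if every part passes, otherwise (a part still open) inconclusive."""
    verdicts = list(verdicts)
    unknown = [v for v in verdicts if v not in ("pass", "fail", "inconclusive")]
    if unknown:
        raise ValueError(f"unknown verdict(s): {unknown}")
    if "fail" in verdicts:
        return "fail"
    if verdicts and all(v == "pass" for v in verdicts):
        return "pass"
    return "inconclusive"


def component_verdicts(unit_verdicts):
    """Roll {work-unit id: verdict} up to per-component and per-class verdicts."""
    by_comp = defaultdict(list)
    for ident, verdict in unit_verdicts.items():
        by_comp[parse_work_unit(ident)["component"]].append(verdict)
    comps = {c: rollup(vs) for c, vs in by_comp.items()}
    by_class = defaultdict(list)
    for comp, verdict in comps.items():
        by_class[comp[:3]].append(verdict)
    return comps, {c: rollup(vs) for c, vs in by_class.items()}


# Constructed sample: the EAL1 work units named in these notes, with one ADO unit
# not yet decided and one ADV unit failed.
SAMPLE = {
    "1:ACM_CAP.1-1": "pass", "1:ACM_CAP.1-2": "pass", "1:ACM_CAP.1-3": "pass",
    "1:ADO_IGS.1-1": "pass", "1:ADO_IGS.1-2": "inconclusive",
    "1:ADV_FSP.1-1": "pass", "1:ADV_FSP.1-2": "fail",
}

if __name__ == "__main__":
    comps, classes = component_verdicts(SAMPLE)
    print(comps)    # {'ACM_CAP.1': 'pass', 'ADO_IGS.1': 'inconclusive', 'ADV_FSP.1': 'fail'}
    print(classes)  # {'ACM': 'pass', 'ADO': 'inconclusive', 'ADV': 'fail'}
```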
* Evaluation evidence
- Input task
- Sub-activities
- Output task
- Presentation of the technical tasks
Question 2: PP evaluation
- Contents of a PP:
+ PP information (introduction)
+ TOE description
+ TOE security environment
+ Security objectives
+ Security requirements
- Customer (hands the PP to the evaluator) -> evaluator (performs the formal evaluation and sends the results to the certification authority) -> authority (issues the certificate)
- Activities of a complete PP evaluation:
+ Input task
+ The PP evaluation activity, comprising the sub-activities:
Evaluating the TOE description
Evaluating the security environment
Evaluating the PP introduction
Evaluating the security objectives
Evaluating the IT security requirements
Evaluating the explicitly stated IT security requirements
+ Output task
1. Evaluating the TOE description
- Purpose:
+ to determine whether the TOE description helps the reader understand the purpose and functionality of the TOE
+ to determine whether the description is complete and consistent
- Input: the PP
- Actions:
+ Action APE_DES.1.1E
APE_DES.1-1: the evaluator shall examine the TOE description to determine that it describes the product type
The evaluator determines whether the TOE description is sufficient for the reader to gain a general understanding of the intended use of the product or system, thereby providing the context for the evaluation
If functionality that would normally be expected is missing, the evaluator determines whether the TOE description adequately discusses this
Example: the TOE description of a firewall product type that states it cannot be connected to networks.
- The evaluator determines whether the TOE description discusses the IT, and in particular the security features, offered by the TOE at a level of detail sufficient for the reader to understand those features
- Action APE_DES.1-3: the evaluator shall examine the PP to determine that the TOE description is coherent, i.e. whether the intended readers (developers, evaluators or customers) can understand the meaning and structure of the sentences in the TOE description
- APE_DES.1-4: the evaluator shall examine the PP to determine that the TOE description is internally consistent, i.e. that the general purpose of the TOE can be identified
- Action APE_DES.1.3E
+ APE_DES.1-5: the evaluator shall examine the PP to determine that the TOE description is consistent with the other parts of the PP
+ In particular, the evaluator determines whether the TOE description describes threats, security features or TOE configurations that are not considered anywhere else in the PP
2. Evaluating the security environment (APE_ENV.1)
- Objective: to determine whether this section gives a clear and complete definition of the security problem that the TOE and its environment are intended to address
- Input: the PP
- Action APE_ENV.1.1E
+ APE_ENV.1-1: the evaluator shall examine the statement of the TOE security environment to determine that it identifies and explains the assumptions
+ The evaluator determines whether assumptions about the intended use of the TOE are stated, such as the intended application of the TOE, the potential value of the assets the TOE is required to protect, and possible limitations on the use of the TOE
+ The evaluator determines whether each assumption about the intended use of the TOE is explained in enough detail for customers to tell whether it matches their requirements
+ If these assumptions are not clearly understood, the end result may be that customers use the TOE in an environment that differs from the one assumed.
+ The evaluator determines whether the assumptions about the TOE's environment of use cover physical, personnel and connectivity aspects
Physical aspects include assumptions about the physical location of the TOE, or of attached peripherals, that are needed for the TOE to perform its functions securely
Examples: the administrator console is restricted to a single person
All file storage for the TOE is done on the workstation the TOE runs on
Personnel aspects include assumptions about the users and administrators of the TOE, and other matters such as potential threat agents within the TOE's environment
Examples:
1. users are assumed to have particular skills or expertise
2. users are assumed to hold a certain minimum clearance level
3. the administrator is assumed to update the anti-virus database monthly
Connectivity aspects include assumptions about the connections between the TOE and other IT systems or products.
Examples:
1. the external disk is assumed to have at least 100 MB available for storing log files
2. the floppy drive is assumed to be disabled
3. the TOE is assumed not to be connected to untrusted networks
+ APE_ENV.1-2: the evaluator shall examine the statement of the TOE security environment to determine that it identifies and explains the threats
+ If the security objectives for the TOE and its environment are derived only from assumptions and organisational security policies, the statement of threats need not be present in the PP; in that case this work unit is not applicable and is considered satisfied
+ The evaluator determines whether all identified threats are clearly explained in terms of an identified threat agent, the attack, and the asset that is the subject of the attack
+ The evaluator also determines whether threat agents are characterised by their resources and expertise, and whether attacks are characterised by the attack method and any vulnerabilities exploited
+ APE_ENV.1-3: the evaluator shall examine the statement of the TOE security environment to determine that it identifies and explains the organisational security policies
+ If the security objectives for the TOE and its environment are derived only from assumptions and organisational security policies, the statement of threats need not be present in the PP; in that case this work unit is not applicable and is considered satisfied
+ The evaluator determines whether the organisational security policy statements are expressed as rules, practices or guidelines that the TOE or its environment must comply with. An example of an organisational security policy is a requirement that password generation and authentication encryption conform to a government-mandated standard
+ The evaluator determines whether each organisational security policy is explained and/or presented in enough detail to be clearly understood
+ Action APE_ENV.1.2E
+ APE_ENV.1-4: the evaluator shall examine the statement of the TOE security environment to determine that it is coherent, i.e. understandable by its readers (evaluators and customers)
+ APE_ENV.1-5: the evaluator shall examine the statement of the TOE security environment to determine that it is internally consistent
Examples of inconsistency:
- a statement containing a threat whose attack method is beyond the capability of the threat agent concerned
- a statement containing an organisational security policy that the TOE will not be connected to the Internet, together with a threat whose agent originates from the Internet
- APE_REQ.1-3: the evaluator shall check each TOE security functional requirement component drawn from CC Part 2: if it is reproduced in the PP, is it reproduced correctly?
- APE_REQ.1-5: the evaluator shall check that each reference to a TOE security assurance requirement component is correct
- APE_REQ.1-6: the evaluator shall check each TOE security assurance requirement component drawn from CC Part 3: if it is reproduced in the PP, is it reproduced correctly?
- APE_REQ.1-7: the evaluator shall examine the statement of TOE security assurance requirements to determine that it either includes an EAL as defined in the CC or justifies not referring to an EAL
- APE_REQ.1-8: the evaluator shall examine the security requirements rationale to determine that the statement of TOE security assurance requirements is appropriate
- APE_REQ.1-9: the evaluator shall check that the security requirements for the IT environment are identified, where appropriate
- APE_REQ.1-10: the evaluator shall check that all completed operations on the IT security requirements are identified
- Four operations are permitted on CC Part 2 and Part 3 components, including:
+ Assignment: allows parameters to be specified
- APE_REQ.1-11: the evaluator shall examine the statement of IT security requirements to determine that the operations have been performed correctly
- APE_REQ.1-12: the evaluator shall examine the statement of IT security requirements to determine that all uncompleted operations are identified
- APE_REQ.1-13: the evaluator shall examine the statement of IT security requirements to determine that the dependencies of the components used in the IT security requirements are satisfied
- APE_REQ.1-14: the evaluator shall examine the security requirements rationale to determine that it gives an appropriate justification for each security requirement dependency that is not satisfied
- APE_REQ.1-18: the evaluator shall examine the security requirements rationale to determine that the TOE security requirements are traced back to the TOE security objectives
- APE_REQ.1-19: the evaluator shall examine the security requirements rationale to determine that the security requirements for the IT environment are traced back to the security objectives for the environment
- APE_REQ.1-20: the evaluator shall examine the security requirements rationale to determine that, for each TOE security objective, it gives an appropriate justification that the TOE security requirements satisfy that objective
- APE_REQ.1-21: the evaluator shall examine the security requirements rationale to determine that, for each security objective for the IT environment, it gives an appropriate justification that the requirements for the environment satisfy that objective
- APE_REQ.1-22: the evaluator shall examine the security requirements rationale to determine that it demonstrates that the set of IT security requirements is internally consistent
- APE_REQ.1-23: the evaluator shall examine the security requirements rationale to determine that it demonstrates that the set of IT security requirements together forms a mutually supportive whole
* Action APE_REQ.1.2E
- APE_REQ.1-24: the evaluator shall examine the statement of IT security requirements to determine that it is coherent
- APE_REQ.1-25: the evaluator shall examine the statement of IT security requirements to determine that it is complete
- APE_REQ.1-26: the evaluator shall examine the statement of IT security requirements to determine that it is internally consistent
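Several of the APE_REQ work units above (uncompleted operations, dependencies, and tracing between requirements and objectives) are checks that can be partly automated. The Python below is an added example, not part of the original notes or of the CEM, and runs on a constructed PP fragment; the dependency table is the CC Part 2 subset needed for that fragment, and the placeholder syntax "[assignment: ...]" / "[selection: ...]" is the one CC Part 2 uses for operations not yet performed.

```python
import re

# CC Part 2 marks an operation still to be performed with a bracketed
# placeholder, e.g. "[assignment: list of auditable events]"; a completed
# operation replaces it with concrete text (APE_REQ.1-10 / APE_REQ.1-12).
OPEN_OP_RE = re.compile(r"\[(?:assignment|selection):[^\]]*\]", re.IGNORECASE)

# Functional-component dependencies as stated in CC Part 2; only the
# subset needed for the constructed sample below is listed.
DEPENDENCIES = {
    "FAU_GEN.1": ["FPT_STM.1"],
    "FIA_UAU.1": ["FIA_UID.1"],
    "FIA_UID.1": [],
}


def uncompleted_operations(sfrs):
    """APE_REQ.1-12: {component: [placeholder, ...]} for SFRs with open operations."""
    return {comp: hits for comp, text in sfrs.items()
            if (hits := OPEN_OP_RE.findall(text))}


def unsatisfied_dependencies(sfrs, justified=frozenset()):
    """APE_REQ.1-13/1-14: dependencies neither included in the SFR set nor
    justified in the rationale (given as (component, dependency) pairs)."""
    missing = {}
    for comp in sfrs:
        for dep in DEPENDENCIES.get(comp, []):
            if dep not in sfrs and (comp, dep) not in justified:
                missing.setdefault(comp, []).append(dep)
    return missing


def tracing_gaps(sfrs, objectives, trace):
    """APE_REQ.1-18/1-20: SFRs that trace to no objective, objectives met by no
    SFR, and trace rows naming an SFR or objective the PP does not define."""
    return {
        "untraced_sfrs": sorted(set(sfrs) - {s for s, _ in trace}),
        "unmet_objectives": sorted(set(objectives) - {o for _, o in trace}),
        "dangling": sorted((s, o) for s, o in trace
                           if s not in sfrs or o not in objectives),
    }


# Constructed PP fragment (not from any real PP): one assignment left open,
# the FPT_STM.1 dependency of FAU_GEN.1 omitted, one objective without an SFR.
SFRS = {
    "FAU_GEN.1": "The TSF shall be able to generate an audit record of the "
                 "start-up and shutdown of the audit functions and "
                 "[assignment: other events].",
    "FIA_UAU.1": "The TSF shall allow display of the login banner on behalf "
                 "of the user before the user is authenticated.",
    "FIA_UID.1": "The TSF shall allow display of the login banner on behalf "
                 "of the user before the user is identified.",
}
OBJECTIVES = {"O.AUDIT", "O.AUTH", "O.TIME"}
TRACE = [("FAU_GEN.1", "O.AUDIT"), ("FIA_UAU.1", "O.AUTH"),
         ("FIA_UID.1", "O.AUTH"), ("FIA_UID.1", "O.IDENT")]
```

Each function returns an empty result when its check passes, so a PP that is clean under all three checks yields three empty containers.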
Question 3: Evaluation at EAL1
- Objective: to define the minimum effort required to achieve an EAL1 evaluation and to give guidance on how, and by what means, the evaluation is completed
- An EAL1 evaluation consists of:
+ the input task
+ the EAL1 evaluation activities:
ST evaluation
configuration management evaluation
delivery and operation documentation evaluation
development documentation evaluation
guidance documentation evaluation
testing
+ the output task
1. Configuration management evaluation
- Objective: to help the customer identify the evaluated TOE
There is one sub-activity, evaluation of CM capabilities (ACM_CAP.1): to determine whether the developer has clearly identified the TOE
Inputs: the ST and the TOE suitable for testing
1:ACM_CAP.1-1: the evaluator shall check that the version of the TOE is unique
1:ACM_CAP.1-2: the evaluator shall check that the TOE is labelled with its reference
1:ACM_CAP.1-3: the evaluator shall check that the TOE references used are consistent
2. Delivery and operation evaluation activity
- Objective: to evaluate the adequacy of the documented procedures used to ensure that the TOE is installed, generated and tested as the developer intended
- Sub-activity: ADO_IGS.1
- Inputs:
+ administrator guidance
+ the installation, generation and testing procedures
+ the TOE suitable for testing
* ADO_IGS.1.1E
1:ADO_IGS.1-1: check that the procedures have been provided
* ADO_IGS.1.2E
1:ADO_IGS.1-2: examine the procedures to determine that they describe the steps necessary to carry them out securely
3. Development activity
- Objective: to evaluate the design documentation in enough depth to understand how the TOE security functions provide the security functionality
- Sub-activities:
+ functional specification evaluation (ADV_FSP.1)
+ representation correspondence evaluation
* ADV_FSP.1: to determine whether the developer has provided an adequate description of the TOE security functions, and whether those functions are suitable to satisfy the security functional requirements of the ST
- Inputs: the ST, the functional specification, the user guidance, the administrator guidance
+ 1:ADV_FSP.1-1: examine the functional specification to determine that it contains the informal explanatory text needed
+ 1:ADV_FSP.1-2: examine the functional specification to determine that it is internally consistent
+ 1:ADV_FSP.1-3: examine the functional specification to determine that it identifies all the external TOE security function interfaces
+ 1:ADV_FSP.1-4: examine the functional specification to determine that it identifies only external TOE security function interfaces
+ 1:ADV_FSP.1-5: examine the presentation of the TOE security function interfaces to determine that it adequately and correctly describes the behaviour of the TOE at each external interface, including its effects, exceptions and error messages
* ADV_FSP.1.2E
+ 1:ADV_FSP.1-7: examine the functional specification to determine that it is a complete instantiation of the TOE security functional requirements
* Representation correspondence sub-activity: to determine whether the developer has correctly and completely implemented the requirements of the ST in the functional specification
- Inputs: the ST, the functional specification, the correspondence analysis between the TOE summary specification and the functional specification
Chapter V:
Question 1: Understanding the importance of the evaluation infrastructure
a. Building the evaluation infrastructure:
Information security evaluation requires an adequate evaluation infrastructure
Each country should establish the necessary relationships
- The roles and responsibilities of the parties involved in CC/CEM-based security evaluation must be defined:
+ customers, developers, evaluators, IT product vendors, sponsors, Common Criteria Testing Laboratories (CCTL), the National Evaluation Authority (NEA) and the Common Criteria Implementation Management Board (CCIMB)
- First, each country needs to enact laws and a legal framework permitting information security evaluation and related matters
- Regulations, ordinances and implementing guidance must be issued for all areas related to information security evaluation
b. Standards and metrology infrastructure:
- The state bodies responsible for measurement standards for scientific, technical and technological products, equipment and components
c. Organisational infrastructure:
- The body covering all IT security evaluation activity in a country is the NEA
+ Beneath it are the bodies that evaluate and certify IT products:
the evaluation agency
the certification agency
the policy agency
- Evaluators and developers must have in-depth knowledge of information security, especially CC/CEM-based evaluation
- Developers in particular must have in-depth knowledge of information security system and software development
- Evaluators must have a thorough, in-depth knowledge of IT
d. Equipment and supporting-conditions infrastructure
- CCTLs must meet high physical security standards and enforce strict physical security controls to keep confidential the sensitive information about IT products and their actual security status
- The conditions required for the equipment and for normal operations must be maintained
- The technical equipment must be able to simulate the operating environments of IT products
- System and service software must be provided: network operating systems, database management systems, certificate management systems, web services
e. Human resources infrastructure
- Evaluators and developers must have in-depth knowledge of information security, especially CC/CEM-based evaluation
- Developers must have in-depth knowledge of information security systems and software
- Evaluators must have a thorough, in-depth knowledge of IT
Question 2: Understanding the two evaluation schemes CCEVS and NIACAP
Answer
1. CCEVS evaluation
a. Phase 1: evaluation preparation
- CCEVS (Common Criteria Evaluation and Validation Scheme): the national evaluation scheme run by the National Information Assurance Partnership (NIAP)
- Inputs:
+ the PP, ST and TOE as-is
+ the CCTL's procedures
+ the CEM
+ the CCEVS
- Tasks:
+ the sponsor identifies the need for a security evaluation of an IT product or system
+ the sponsor contacts a CCTL to negotiate a contract and initiate the security evaluation
+ the sponsor supplies the PP, ST and/or the TOE as-is to the CCTL
+ the CCTL prepares the evaluation work plan, the list of deliverables and the evaluation schedule
+ the CCTL submits the required report documentation to the National Evaluation Authority (NEA) for review
+ the NEA accepts the proposed evaluation into the scheme
+ evaluation kick-off meeting
+ orientation meeting on records and procedures (optional)
- Outputs:
+ evaluation work plan
+ evaluation effort (work-hours) estimate
+ validation plan
+ memorandum of record
+ evaluation acceptance agreement
+ approval for listing among evaluations in progress
b. Phase 2: conducting the evaluation:
- Inputs: as for phase 1
- Tasks:
+ the NEA authorises the CCTL to conduct the evaluation and provides oversight
+ the CCTL evaluates the PP, ST and/or the TOE as-is
+ the CCTL submits ORs to the sponsor and the NEA
+ the NIAP validator documents the IT security evaluation results as the work proceeds
+ the CCTL completes the evaluation and submits the ETR to the NEA and the sponsor
+ the NEA reviews the ETR and confirms that validation can proceed
- Outputs:
+ ORs
+ monthly summary reports
+ evaluation effort (work-hours) estimate
+ evaluation effort records
+ the ETR
c. Phase 3: evaluation results
- Input: the final ETR
- Tasks:
+ the NEA reviews the final ETR and raises any concerns/issues with the CCTL
+ the sponsor and the CCTL review the draft validation report (VR) and give comments to the NEA
+ the NEA publishes the final VR and issues the CC certificate
+ post-validation meeting
- Outputs:
+ draft VR
+ final VR
+ CC certificate
+ entries in the Evaluated Products List (EPL)
+ lessons-learned report
d. Phase 4: assurance maintenance
- Three sub-phases: acceptance, monitoring and re-evaluation
* Acceptance
- Inputs: the ST and the TOE
- Tasks:
+ the sponsor requests entry into the certificate maintenance programme (CMP) at the start of the initial evaluation
+ the sponsor submits the assurance maintenance plan (AMP) and related documentation to the CCTL and designates the developer's security analyst
+ the CCTL evaluates the AMP and related documentation as part of the initial evaluation
+ the CCTL submits the ETR
* Monitoring
- Inputs:
+ proposed changes
+ security impact analysis (SIA) report
- Tasks:
+ the sponsor submits the proposed changes to the NEA
* Re-evaluation
- Return to the initial evaluation process
2. NIACAP
- National Information Assurance Certification and Accreditation Process: the national information assurance certification and accreditation process used by the US Department of Defense
- Objectives:
+ to certify that the information system (IS) satisfies the security requirements stated in the documentation
+ to maintain the accredited security posture throughout the system's life cycle
- Principle:
+ agreement between the IS programme manager and the responsible authorities
- Four phases: definition, verification, validation, post-accreditation
- The SSAA (System Security Authorization Agreement) is used to guide and document the results of C&A
=> Comparison of CCEVS and NIACAP:
- Similarity: both are formal approaches aimed at risk management
- Fundamental difference:
+ CCEVS evaluates a single product independently of its environment, against requirements that do not change once satisfied
+ NIACAP accredits a whole system in a specific environment
Chapter VI: Understanding the state of information security evaluation in Vietnam
Answer
- Vietnam has had a need for IT products since the late 1980s. Beyond using imported IT products, Vietnam has also developed a number of security products for the country's own information security work
- IT products with information security functionality include:
+ security services such as secure e-mail, secure online and offline communication applications, secure database management systems, secure web services and secure conferencing
+ devices providing security services such as secure telephones and dedicated cipher machines
+ security mechanisms and systems such as secret- and public-key management and distribution, electronic certification services, secure operating systems, firewalls and VPNs.
- Security control of these IT products has so far been limited mainly to evaluating the cryptographic modules inside them
- Security evaluation of IT products has been carried out piecemeal rather than comprehensively
- Even for cryptographic modules, despite a long tradition and many years of experience, we have not yet done it as systematically as FIPS 140
- Some specialists' understanding is still weak: they believe that securing the cryptographic module of a security product secures the product itself
- Many staff believe that evaluating a security product is simple because the functional goals of our security products are simple; this is dangerous, because no security function is simple, and the overall security of a product is only as strong as its weakest link
- The difference between the role of the cryptographic module in a security product and the role of the product's overall security mechanism is not yet appreciated, so the importance of security evaluation is not fully recognised
- Security evaluation is taken lightly, or seen as difficult and costly
=> we need to promote and publicise security evaluation work, and give direction and raise awareness of it
- In the coming years, Vietnam will develop evaluation in two directions:
+ re-testing and evaluation of IT products imported for use in Vietnam
+ evaluation of the design, manufacture and use of Vietnamese-branded security products
- In the near future, Vietnam needs to establish an authority for the certification, including international security certification, of IT products, and at least one IT product security evaluation centre