Protection Profiles for Certificate Issuing & Management Systems

At the heart of many recent efforts to improve Internet security are a group of security protocols such as S/MIME, TLS, and IPSec. All of these protocols rely on public-key cryptography to help provide services such as confidentiality, data integrity, data origin authentication, and non-repudiation. Support for this public-key cryptography is provided by a Public Key Infrastructure, or PKI. The PKI is responsible for binding public keys into certificates and managing those certificates throughout their life-cycle. The part of the PKI directly responsible for generation, issuance, and revocation of certificates is referred to as the Certificate Issuing and Management System, or CIMS. It is important to many potential CIMS customers to understand the level of security provided by a specific product or service. Furthermore, in order to accurately compare products and services from many different sources, built using many different architectures, there should be one set of requirements that can be used to evaluate CIMS. This set of requirements should be written in internationally accepted terms, such as the Common Criteria. Furthermore, it should be generic enough so that it can be used for a wide variety of architectures, but sound enough so that it can be used to provide a meaningful evaluation. This paper describes the development of a set of Common Criteria Protection Profiles that can be used to evaluate CIMS products and services.