Abstract
In the past independent IT security evaluation according to published criteria has not realized its potential for the assessment of privacy enhancing technologies (PETs). The main reason for this was, that PETs were not covered appropriately in the evaluation criteria. This situation has changed somewhat, and therefore this paper reports on a case study, in which we developed Protection Profiles for remailer mixes. One reason for the development of these Protection Profiles was to test the privacy related components in the new Evaluation Criteria for IT Security - Common Criteria (International Standard 15408, ECITS/CC) and to develop improvements. Another reason was to contribute to an independent evaluation of privacy enhancing technologies. The experiment shows, that the ECITS/CC enable PPs for remailer mixes, but that there are still improvements necessary. The paper presents the Protection Profiles and the structured threat analysis for mixes, on which the Protection Profiles are based.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
British Standards Institution: Code of practice for information security management (BS 7799-1: 1999); Specification for information security management systems (BS 7799-2: 1999)
Common Criteria Implementation Board: Common Criteria for IT Security Evaluation, V. 2.0, May 1998; http://csrc.nist.gov/cc
Common Criteria Implementation Board: Common Criteria for IT Security Evaluation, V. 2.1, August 1999; http://www.commoncriteria.org and http://csrc.nist.gov/cc
Common Criteria Project: List of Protection Profiles; http://csrc.nist.gov/cc/pp/pplist.htm
European Commission: IT Security Evaluation Criteria, V. 1.2; 1991-06-28; Office for Official Publications of the EC; also http://www.itsec.gov.uk/docs/pdfs/formal/ITSEC.PDF
Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 1981, Vol. 24, No. 2, pp. 84–88
Chris Corbett: ITSEC in Operation-an Evaluation Experience, Proc. 4th Annual Canadian Computer Security Conference, May 1992, Ottawa, Canada, pp. 439–460
Lance Cottrell: Mixmaster & Remailer Attacks; http://www.obscura.com/~loki/remailer/remailer-essay.html
Privacy Protection and Data Security task Force of the German Society for Informatics: Statement of Observations concerning the Information Technology Security Evaluation Criteria (ITSEC) V1.2; 24 February 1992, edited in Data Security Letter, No 32, April 1992
Giovanni Iachello: Single Mix Protection Profile, Revision 1.11, May 1999; http://www.iig.uni-freiburg.de/~giac
Giovanni Iachello: Protection Profile for an Unobservable Message Delivery Application using Mixes, Revision 1.7, June 1999; http://www.iig.uni-freiburg.de/~giac
Giovanni Iachello: User-Oriented Protection Profile for an Unobservable Message Delivery Application using Mix networks, Revision 2.4, June 1999; http://www.iig.uni-freiburg.de/~giac
Giovanni Iachello: IT Security Evaluation Criteria, and Advanced Technologies for Multilateral Security-The Mix Example; Tesi di Laurea; Universität Freiburg, Institut für Informatik und Gesellschaft, Abt. Telematik and Università degli Studi di Padova; June 1999; http://www.iig.uni-freiburg.de/~giac
ISO/IEC: Guidelines for the management of IT security (GMITS); Parts 1–5; Technical Report 13335 (part 5 still under development)
ISO/IEC: Evaluation Criteria for IT Security (ECITS), Parts 1–3; International Standard 15408;1999-12–16
Anja Jerichow, Jan Müller, Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Real-Time Mixes: A Bandwidth-Efficient Anonymity Protocol; IEEE Journal on Selected Areas in Communications 16/4 (May 1998) 495–509
Kai Rannenberg: Recent Development in Information Technology Security Evaluation-The Need for Evaluation Criteria for multilateral Security; in Richard Sizer, Louise Yngström, Henrik Kaspersen und Simone Fischer-Hübner: Security and Control of Information Technology in Society-Proceedings of the IFIP TC9/WG 9.6 Working Conference August 12–17, 1993, onboard M/S Ilich and ashore at St. Petersburg, Russia;NorthHolland, Amsterdam 1994, pp. 113–128; ISBN 0-444-81831-6
Kai Rannenberg: What can IT Security Certification do for Multilateral Security? pp. 515–530 in Günter Müller, Kai Rannenberg: Multilateral Security in Communications-Technology, Infrastructure, Economy; Addison-Wesley-Longman, München, Reading (Massachusetts)::: 1999; ISBN 3-8273-1360-0
M. K. Reiter and A. D. Rubin. Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1(1):66–92, November 1998.
Paul F. Syverson, David M. Goldschlag, Michael G. Reed: Anonymous connections and onion routing; in: Proceedings of the 1997 IEEE Symposium on Security and Privacy; IEEE Pres, Piscataway NJ
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Iachello, G., Rannenberg, K. (2001). Protection Profiles for Remailer Mixes. In: Federrath, H. (eds) Designing Privacy Enhancing Technologies. Lecture Notes in Computer Science, vol 2009. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44702-4_11
Download citation
DOI: https://doi.org/10.1007/3-540-44702-4_11
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41724-8
Online ISBN: 978-3-540-44702-3
eBook Packages: Springer Book Archive