Library No. S-228,592
"A Guide to Understanding Trusted Distribution in Trusted Systems,"
latest in the series of technical guidelines that are being published
by the National
Computer Security Center. These publications are designed to provide insi
ht to the
Trusted Computer Systems Evaluation Criteria requirements and guiance
meeting each requirement.
The specific guidelines in this document provide a set of good practices
trusted distribution of the hardware, software, and firmware portions,
originals and updates, of automated data processing systems employed for
processing classified and other sensitive information. This technical
guideline has been written
to help the vendor and evaluator community understand what trusted distribution
is, why it is important, and how an effective trusted distribution system
implemented to meet the requirements of the Trusted Computer Systems Evaluation
As the Director, National Computer Security Center, I invite your
recommendations for revision to this technical guideline. We plan to review
document biannually. Please address any proposals for revision through
National Computer Security Center
9800 Savage Road
Fort George G. Meade, MD 20755-6000
Attention: Chief, Criteria and Guidelines
Patrick R. Gallagher ,Jr. 15 December 1988
National Computer Security Center
Special recognition is extended to James N. Menendez, National Computer
Security Center (NCSC), as project manager and coauthor of this document.
Recognition is also extended to Scott Wright, Advanced Information Management
(AIM), Inc., as coauthor and researcher of this document.
Acknowledgment is also given to all those members of the computer security
community who contributed their time and expertise by actively participating
the review of this document.
1. INTRODUCTION 1
1.1 PURPOSE 1
1.2 SCOPE 2
1.3 CONTROL OBJECTIVE 2
2. OVERVIEW OF TRUSTED DISTRIBUTION 3
2.1 THREATS 3
2.2 PURPOSE OF TRUSTED DISTRIBUTION 5
2.3 LIFE-CYCLE ASSURANCE 6
2.3.1 Assurance for Different Types of Production 7
3. THE TCSEC REQUIREMENTS FOR TRUSTED DISTRIBUTION 9
4. IMPLEMENTATION METHODS 11
4.1 PROTECTIVE PACKAGING 12
4.1.1 Shrink Wrapping 13
4.1.2 Active Systems 14
4.1.3 Tamper-Resistant Seals 14
4.2 COURIERS 15
4.3 REGISTERED MAIL 16
4.4 MESSAGE AUTHENTICATION CODES 17
4.5 ENCRYPTION 18
4.6 SITE VALIDATION 18
4.6.1 Checksum Programs 19
4.6.2 Inventory 20
4.6.3 Engineering Inspection 21
5. SAMPLE IMPLEMENTATION 23
5.1 TRUSTED DISTRIBUTION OF HARDWARE, FIRMWARE, AND
5.2 TRUSTED DISTRIBUTION OF DOCUMENTATION 23
6. SUMMARY OF TRUSTED DISTRIBUTION 25
The Trusted Computer System Evaluation Criteria (TCSEC) is the metric
evaluating the effectiveness of security controls built into Automated
Processing (ADP) systems. The TCSEC is divided into four divisions: D,
C, B, and A,
ordered in a hierarchical manner with the highest division, A, being reserved
systems providing the best available level of assurance.. Within division
C through A
are a number of subdivisions known as classes, which are also ordered
hierarchical manner to represent different levels of security.
At TCSEC class A1, trusted distribution of the hardware, software, and
portions of the Trusted Computing Base (TCB) and their updates shall be
Trusted distribution includes procedures to ensure that all of hte TCB
items, such as the TCB software, firmware, hardware, and updates, distributed
customer site arrive exactly as intended by the vendor without any alterations.
Additionally, trusted distribution may include procedures that enable
site to determine that what was received at the site was actually sent
by the vendor.
The purpose of this guideline is to provide guidance to vendors of trusted
what trusted distribution is, why it is important, and how to select and
effective trusted distribution system to meet the TCSEC requirement.
Examples in this document are not to be construed as the only implementations
that will satisfy the TCSEC requirement. The examples are merely suggestions
appropriate implementations. The recommendations in this document are
to be construed as supplementary requirements to the TCSEC. The TCSEC
is the only
metric against which systems are to be evaluated.
This guideline is part of an ongoing program to provide helpful guidance
TCSEC issues and the features they address.
An important assurance requirement of TCSEC class Al is that the TCB
software, firmware, hardware, and their updates be distributed to a customer
in a trusted manner. This guideline is to be used by vendors of trusted
the preparation of procedures, techniques, and equipment to establish
distribution between a vendor site and a customer site. This guideline
trusted distribution as it relates to computer systems and products that
intended to meet the Al requirements of the TCSEC.
1.3 Control Objective
Trusted distribution focuses primarily on the assurance control objective
the TCSEC. The assurance control objective states:
"Systems that are used to process or handle classified or other
information must be designed to guarantee correct and accurate
interpretation of the security policy and must not distort the intent
policy. Assurance must be provided that correct implementation and
operation of the policy exists throughout the system's life cycle."
Any alteration to the TCB at any time during the system life cycle could
result in a violation of the system security policy. Assurance that the
security policy is correctly implemented and operational throughout the
cycle is provided by different TCSEC requirements. At TCSEC class Al,
distribution, in conjunction with configuration management, provides assurance
that the TCB software, firmware, and hardware, both original and updates,
received by a customer site exactly as specified by the vendor's master
Trusted distribution also ensures that TCB copies sent from other than
parties are detected.
2. OVERVIEW OF TRUSTED DISTRIBUTION
The different divisions of the Trusted Computer System Evaluation Criteria
(TCSEC) were developed to protect against threats that could be directed
Automated Data Processing (ADP) systems. Each higher class is required
provide additional features and assurances over the next lower class,
providing increasing levels of trust. At the C level and above, passwords
mechanisms provide ways to restrict access to a system and make users
accountable for their actions. At the TCSEC B level, the addition of labeling
mechanisms control access to data based on clearances of subjects and
classifications of objects.
The class of system needed by a specific site should be determined by
types of threats that are faced by that site. Generally, the class of
dependent upon the sensitivity level of the data that are being processed
by the site
and the clearance of the system users. According to the Guideline for
Department of Defense Trusted Computer System Evaluation Criteria in Specific
Environments, a risk index corresponding to the minimum clearance or
authorization of system users and the maximum sensitivity of data processed
the system can be used to determine the minimum evaluation class required
The features and assurances in lower class systems protect against the
threat that someone will tamper with a system while it is in operation,
but it is at
TCSEC class Al that the threat of subversion is addressed. Computer subversion
the name generally applied to deliberate, malicious modification of executable
or hardware within a computer system. The subversion can be accomplished
time during the system's life from the earliest stages of design to the
last day of its
use. A component can be subverted either to permit later penetration or
as an act of
sabotage -- to nullify or to degrade the system's capability. Forms of
include the trap door, the Trojan horse, and computer viruses. The threat
subversion exists at all classes; however, the benefit of providing assurance
features to guard against it in lower class systems may not justify the
cost of this
type of protection.
There are basically two threats that trusted distribution protects against.
The first is the threat of someone tampering with a system during its
from a vendor site to a customer site. Throughout this document the term
site" will be used to mean the point from which the TCB hardware,
firmware to be distributed are sent. The term "customer site"
is the point at which
the distributed material is accepted. Specifically, any system component
participates in the enforcement of the security policy of the system is
what needs to
be protected. For example, someone may break into a delivery truck and
malicious code into a trusted system before it reaches the customer site.
system or update being delivered, when installed at the site, will contain
harmful code that could cause compromise of the system's security policy.
distribution may include protective packaging methods that protect against
changes being made to a system (see Section 4.1 Protective Packaging).
distribution may also include methods of detecting if a system and/or
have been accidentally or maliciously altered during or after distribution
validation tests (see Section 4.7 Site Validation).
The second threat protected against by trusted distribution is that
the TCB is
a counterfeit; that is the system or update did not come from the vendor
Trusted distribution includes procedures for the distribution of TCB components,
such as requiring the vendor to notify a customer site of an impending
doing this, trusted distribution protects against the threat of sites
systems that were not distributed by the vendor and provides assurance
vendor was the actual sender of the product or update. Trusted distribution
be able to answer the question, "Was what I received really sent
from the vendor or
an imposter?" Without trusted distribution, all a penetrator needs
to do is package
a system or update containing a virus or Trojan horse so that it looks
as though it
came from an actual vendor. The receiving site, upon seeing the packaging,
assumes that the system or update is genuine, unaware that it is really
counterfeit. To prevent this from happening, the vendor and customer sites
establish procedures requiring them to agree on when deliveries will be
what they will contain.
2.2 Purpose of Trusted Distribution
Hostile attacks may occur on computer systems when they are in use,
is also possible for computer systems to be attacked even before they
at a customer site. The TCSEC requires that assurance mechanisms be in
throughout the life cycle of a system to prevent modifications being made
TCB which could adversely affect the security policy of a system. One
assurance requirement for class Al systems is trusted distribution. Trusted
distribution maintains the integrity of the current TCB software, firmware,
hardware as well as any updates to these by ensuring that any changes
made to the
TCB during the distribution process do not go unnoticed.
"Trap doors can be inserted during the distribution phase. If updates
sent via insecure communications - either U.S. Mail or insecure
telecommunications, the penetrator can intercept the update and subtly
modify it. The penetrator could also generate his own updates and distribute
them using forged stationery. "
The main purpose of trusted distribution is to protect a trusted system
as it is
being distributed, and consequently to provide protection for the information
will be processed on the system. Trusted distribution provides assurance
trusted system arrives at a customer site with all of its security properties
and that the system or update that is received at the customer site is
system or update which was produced from the master copy of the system
against the TCSEC." Any tampering with the TCB software, firmware,
hardware, whether originals or updates, from the time they leave the vendor
the time they arrive at the customer site may permit the security policy
system to be circumvented.
Trusted distribution provides protection against tampering and a means
detecting that a system has been altered; it accomplishes this through
devices (locks), electronic devices (encryption), and procedures (bonding
couriers). It also provides procedures for site validation so that if
mechanism[s] should fail, any modification to the TCB software, firmware,
hardware, both originals and updates, will not go unnoticed. If sufficient
be placed in either the protection methods or the customer site validation,
possible to use that method exclusively. If not, it may be necessary to
techniques for both the protection of the shipment and validation.
2.3 Life-Cycle Assurance
Trusted distribution is one link in a chain of assurances provided by
systems. It is helpful to take a look at all of the other activities that
take place to
ensure that the system in operation is the one that the vendor and customer
The following is a summary of the assurances that are needed to ensure
the product delivered to a customer site is operating under a correct
implementation of the system's security policy:
- Assurance that the product evaluated is the one the manufacturer built
- Assurance that the product built is the one that was sent
- Assurance that the product sent is the one the customer site received.
Long before a system is boxed and prepared to be sent to a customer
assurance needs to be provided that the system is being built as specified.
TCSEC class Al design specification and verification requirements require
formal top-level specification (FTLS) to be maintained that accurately
system. The FTLS is shown to be consistent with the TCB interface. Additionally,
specification to code mapping provides assurance that the design has been
Configuration management provides control over the design and
development of a system, ensuring that the system is built to specification.
main purpose of configuration management is to ensure that any changes
system during design, development, or during the system life cycle "take
an identifiable and controlled environment and that they do not adversely
the implementation of the security policy of the TCB." More information
configuration management can be found in A Guide to Understanding
Configuration Management in Trusted Systems (NCSC-TG-006).
Once the system has been built, security testing shall be performed
that the system works exactly as claimed in the system documentation.
security testing shall demonstrate that the TCB implementation is consistent
Trusted distribution provides assurance that the security policy of
is not violated during distribution of the system. For trusted distribution
successful, the TCB shall have been under configuration management throughout
the development process, ensuring that the integrity of the developer's
of the TCB has been maintained. Without configuration management in place
during the design and development of a system, the assurance provided
distribution will be suspect. True, it will still protect against any
tampering with a
system during delivery, but if the system being delivered has already
tampered with during development then the damage has already been done.
Once the system is in operation at a customer site, assurance shall
provided throughout the system life cycle that the security policy of
the system is
correctly implemented. Configuration management continues throughout the
system life cycle ensuring that any changes to the system take place in
environment. It is said that "a chain is only as strong at its weakest
link," and if
any of these assurances fails during the system life cycle, the probability
security policy of the system could be violated increases.
2.3.1 Assurance for Different Types of Production
Not every distribution is as simple as having the entire computer system
designed, developed, and assembled in a vendor's facility and then shipped
customer site. Most computer systems, particularly large-scale computer
comprise several parts which are produced separately and need to be assembled.
The distribution process for a trusted system may be as simple as shipping
vendor sites to customer sites, or may be as complex as from vendor to
to other sites, or from software development center sites to other sites,
development is done at different sites and then integrated at yet another
pieces of the system transferred between these sites during development
subject to the same trusted distribution requirements as the final TCB
The item, at the point of transfer to a customer site, should be a true
the vendor's master copy.
The manner in which the TCB components are handled prior to distribution
will have an impact on the trusted distribution process. The following
recommendation for how a vendor may provide assurance before the components
are actually shipped. "There are basically two types of production
employ: mass production, and production per request basis. In either case,
will probably be idle time where the system(s) will be waiting for delivery
in some type of warehouse. Strict accounting procedures and physical controls
must be placed on the system(s) both during the delivery to and stay in
warehouse to ensure that no unauthorized modifications are made. For example,
controls must exist which log any entry into the warehouse, authorizations
alteration of any system or range of serial numbers within the warehouse
properly documented, etc."
The "trusted warehouse" spoken of in the preceding paragraph
is not a
TCSEC requirement, but when considering that trusted distribution really
further than just providing assurance from vendor loading dock to customer
loading dock, it should be considered. The assurance that trusted distribution
provides is dependent on a system not being altered before being loaded
delivery truck. The control of the system during "idle time"
should be performed by
configuration management practices, emphasizing the importance of configuration
management in trusted distribution.
3. THE TCSEC REQUIREMENTS FOR TRUSTED DISTRIBUTION
This section lists the TCSEC requirements for trusted distribution.
requirements have been extracted from the TCSEC and have been listed separately
and numbered. How these requirements can be met will be discussed in the
following sections of this document. This section is designed to serve
as a quick
reference for the TCSEC requirements for trusted distribution.
Trusted distribution is required at TCSEC class Al, and the requirement
be broken down into two parts.
Requirement 1 - "A trusted ADP system control and distribution
shall be provided for maintaining the integrity of the mapping between
master data describing the current version of the TCB and the on-site
copy of the code for the current version."
Requirement 2 - "Procedures (e.g., site security acceptance testing)
exist for assuring that the TCB software, firmware, and hardware updates
distributed to a customer are exactly as specified by the master copies."
*** Page 10 is intentionally left blank
4. IMPLEMENTATION METHODS
This section describes various implementation methods that can be used
establish a trusted distribution system and the advantages and disadvantages
each method. When choosing a protective packaging system or a customer
validation process, remember that some devices or techniques provide a
degree of protection than others. The higher the threat to the distribution
the greater the need for more stringent measures or multiple levels of
distribution methods. In many situations, multiple methods for trusted
distribution should be used, such as a protective packaging system during
distribution and site validation upon receipt. This layered approach will
the insider threat or the threat of collusion where employees themselves
contents of a package before it is distributed. Each situation that requires
distribution is unique and requires that the system be addressed individually.
For a National Computer Security Center Al evaluation, a vendor must
submit a plan that describes the trusted distribution method(s) for the
under evaluation. This plan should include a description of the procedures
followed and the mechanisms (type of packaging) to be used for distribution
initial versions and updates. Any deviation from the trusted distribution
submitted could jeopardize the evaluation rating.
There are other requirements in the TCSEC which are related to trusted
distribution, namely those concerning configuration management. A vendor
should be sure that the system sitting on the loading dock is the system
vendor thinks it is. At TCSEC class Al, the configuration management system
shall include, "a combination of technical, physical, and procedural
be "used to protect from unauthorized modification or destruction
the master copy
or copies of all materials used to generate the TCB." All of the
methods that follow are contingent upon prior performance of configuration
management, ensuring that the system has not been maliciously altered
A related concern that plays a part in trusted distribution is that
communication should be established between the vendor and customer sites
both the initial and updated distribution of the TCB software, firmware,
hardware. The procedures used should include agreement between the vendor
customer sites as to the methods to be used for distribution and the time
which the distribution will be made. The sender (the vendor) and receiver
customer) should be uniquely identified prior to distribution for the
distribution system to function successfully. It is essential that this
be made and that procedures be in place for manufacturers to notify users
pending shipments. Included in this identification should be the unique
identification of every component to be shipped. This identification will
the detection of any system configuration changes. Additionally, the customer
should have procedures in place that will keep the customer advised of
changes from the vendor. At a minimum the customer should enforce a policy
forbids the use of any new TCB software, firmware, or hardware without
notification from the vendor of the most current change, to include the
change to the TCBo was sent and the means by which the TCB software, firmware,
and hardware was sent.
Another concern is the reliance on the individuals involved in the design,
development, manufacturing, and distribution of the trusted system. Each
individual who is involved in the system prior to and during distribution
subject to review that would verify his or her trustworthiness and reliability.
Particularly for distribution, all individuals who play a significant
role in the
establishment of the control at the shipping end, or the validation at
end should be worthy of the trust placed in them to perform their roles
Without this step, any process for protection is subject to an insider
4.1 Protective Packaging
Protective packaging is a way of wrapping an item so that it cannot
opened and resealed without leaving some obvious indication that the package
been tampered with. Protective packaging can be provided to limit access
TCB software, firmware, and hardware during shipment and to guarantee
delivery in an unaltered form. Protective packaging ranges from simple
wrapping to complex fiber-optic techniques. The wrapping for shipments
allow the sender and the package contents to remain anonymous. Techniques
as double wrapping the materials to be distributed or an absence of exterior
markings when using shrink wrapping could accomplish this. The technique
for packaging the TCB components for distribution shall be documented
trusted distribution plan.
Protective packaging not only limits access to the materials being
distributed, but also aids in protection against environmental factors,
such as dust
and water. It is not possible to present every protective packaging technique;
however, the examples that follow are provided to present some of the
are currently in use.
4.1.1 Shrink Wrapping
Shrink wrapping is one method of trusted distribution which consists
enclosing the product in a plastic film. This method may be used for TCB
hardware, software, or firmware, but since it does involve the use of
heat, it should
not be used for computer-related equipment that is very sensitive to heat.
When heat is applied to the plastic film in shrink wrapping, the film
contracts, or shrinks, forming a tight seal around the product. If the
wrapped seal is broken, this is an indication that the product being shipped
been tampered with. Not only is shrink wrapping used for the trusted distribution
of TCB components, but many industries including the food and drug industry
shrink wrapping to provide consumer protection that products have not
tampered with. Additional special shrink-wrap techniques are available
increase the reliability of the shrink wrap.
The size and construction of the materials to be packaged are important
considerations when selecting a shrink-wrapping technique. For example,
wrapping products the size of mainframe central processing units (CPUs)
mainframe disk drives is currently not done because of their large size.
will need to be improved to make shrink wrapping a feasible packaging
these types of products.
4.1.2 Active Systems
The use of active systems for protective packaging is a viable method
distribution of TCB software, firmware, and hardware. This method was
intended to secure personal computers and electronic equipment. Conceptually,
active system could include looping a fiber-optic cable through a latch
opening of a container and attaching the cable to a control unit via an
active system provides assurance that a package cannot be entered without
triggering the alarm.
An advantage to the active systems method is that there is a real-time
notification of any tampering with the TCB hardware, software, or firmware
they are being delivered. It is very possible that anyone tampering with
product could be caught before having a chance to modify the system. This
time notification can be circumvented, though, by interfering with the
that the signal will not be picked up. In these cases, the break-in will
but not until the delivery truck reaches its destination. True, it will
too late to catch those responsible for the attack, but the detection
active systems will prevent an altered component from being used that
in a security policy compromise.
4.1.3 Tamper-Resistant Seals
The use of tamper-resistant seals is another method of protective packaging
that may be used to protect the distribution of large TCB software, firmware,
hardware items. One example of a tamper-resistant seal for large items
truck is a special-purpose truck seal. This device generates a random
number when installed on a truck door. When the door is opened a new random
number is generated. The device is encased in metal and epoxy resin to
tampering. By sealing the truck at the vendor facility and sending the
the customer site by secure means, it is possible for the user to determine
or not the truck cargo has been opened.
Other forms of locking devices and seals, such as a high impact security
or company registered seals, can also be applied before shipment and verified
to opening. The different sealing devices used provide different degrees
assurance and should be selected based on the needs of the item being
The use of a courier service is a possible way to establish the trusted
distribution of TCB software, hardware, firmware, both originals and updates.
Couriers provide the advantage of constant surveillance of the materials
transporting. The use of couriers increases the reliability of any delivery
and can easily be used in conjunction with other protective methods such
devices and protective packaging.
There are several commercial firms that can supply bonded services,
manufacturers may use their own internal courier service, if available.
military, the Defense Courier Service (DCS), formerly known as the Armed
Courier Service (ARFCOS), is an alternative.
It is possible to transport the most sensitive materials by means of
The TCB products to be distributed should be considered to be as sensitive
data they are being used to process and should be treated accordingly.
upon the sensitivity of the material to be distributed, the vendor and/or
site may want to establish regulations regarding who may act as a courier,
type of materials they may transport, and where the material may be delivered.
partial list of guidelines for the use of courier service is provided
Persons acting as couriers should be trusted to the level of the
material they are transporting
- Material should remain in their personal custody at all times
- Vendor as consignor should be responsible for the safety of the
- Vendor should notify the customer site of the nature of the shipment,
the means of the shipment, number of seals (if used), and the anticipated
time and date of arrival by separate communication at least 24 hours in
advance of the arrival of the shipment in order that the customer site
take appropriate steps to receive and protect the shipment.
For the use of a courier service to provide trusted distribution successfully,
assurance should exist that the TCB software, firmware, or hardware is
modified while stored in a warehouse before being picked up by the courier.
Otherwise, the assurance provided by the courier will have been defeated.
4.3 Registered Mail
Registered mail can be part of the trusted distribution of TCB hardware,
software, and firmware to a customer site without any undetected disclosure
loss. Although registered mail alone is not sufficient for meeting the
trusted distribution requirement, it does not preclude it from being a
part of the
trusted distribution process. The reason that registered mail alone does
the TCSEC requirement is that although the customer site has to verify
before being allowed to receive a package via registered mail, the sender
have to show any form of identification to mail a package. This can result
scenario detailed earlier in which someone can duplicate a vendor's wrapping
markings and mail a malicious update or system. Provided that the registered
is supplemented by other adequate mechanisms to compensate for its shortcomings,
such as an unforgeable internal signature to ensure the identity of the
can meet the trusted distribution requirement and provide assurance that
was delivered through the mail actually came from the vendor.
When sending TCB software, firmware, hardware, originals or updates, via
registered mail, the products should be considered to be as sensitive
as the data
they are being used to process and should be treated accordingly. Some
to be observed when using registered mail for trusted distribution include:
- Material to be transmitted should be enclosed in opaque inner and
- If the material is in a hard-copy form and is of such size as to permit
the use of envelopes for wrapping, the contents should be protected from
direct contact with the inner container by a cover sheet or by folding
4.4 Message Authentication Codes
Message Authentication Codes provide an effective means for transmitting
segments of TCB software. The banking system is one of the largest users
electronic distribution, and has successfully used Message Authentication
for several years. A Message Authentication Code employs an encryption
for a data stream and from this process develops a unique code that is
the data stream. It is important to note that only the appended code is
encrypted, and the message remains in plaintext. The process, repeated
recipient, must then produce the identical code.
If the codes are not the same, this is an indication that the code being
transmitted has been tampered with. The length of the appended code can
but the strength of the process is directly related to the length of the
code. As with
all encryption-based processes, the management and protection of the key
algorithm is a critical factor that shall be addressed in the design
Encryption of the entire text is an effective way of protecting data
compromise or modification attacks. Encryption has the advantage not only
preventing undetected changes to the TCB software, but also of preventing
of the code for any person without the key. Encryption of TCB software
or private key techniques is a viable method of trusted distribution,
the keys are properly managed, protected, and changed at frequent intervals.
the event that the keys are compromised, it would be possible to alter
software without detection of the alteration.
As stated before, the success of encryption is dependent upon the protection
of the key. For this reason, the key should be subject to some form of
distribution, such as courier, to ensure that it is not compromised. Encryption
provides a significant increase in the quality of assurance; however,
of the system, for example, key generation and distribution, can become
complex and time-consuming activity that needs to be well defined in the
4.6 Site Validation
Site validation is validation by the customer site that the TCB hardware,
software, and firmware received are exactly as specified in the master
validation is most commonly performed on the TCB hardware items that are
shipped, but TCB software and firmware items should also be subject to
of validation testing upon receipt. Site validation includes methods for
that a system has not been tampered with during its movement from vendor
the customer site. Site validation provides a second layer of assurance
distribution. In the event that any of the TCB components were altered
distribution, site validation procedures should detect the alteration
system is installed and any compromise of security policy can take place.
4.6.1 Checksum Programs
Checksum programs provide an acceptable means to detect TCB software
and firmware changes during electronic or physical distribution. In this
method, a group of digits are summed and then checked against a previously
computed sum to verify that no digits have been changed since the last
Any difference in the two sums would indicate that the piece of software
checked had been modified. The following is taken from the Final Evaluation
Report of SCOMP  and describes how SCOMP used the checksum method for
"When a site purchases a SCOMP system, a description of the desired
configuration must be sent to Honeywell. A set of configuration files
then set up and the desired release, with the site specific configuration
is generated. A checksum algorithm is then applied to the executable code.
The executable code is sent to the site along with a checksum generation
program. The checksum that was originally generated is then sent to the
site. The site can run the checksum generation program and compare the
result with the checksum delivered through the mail. The two checksums
provide a means whereby the site can ascertain that the system that they
received was the same system that Honeywell sent to them."
It should be noted that there are ways to improve this approach. The
checksum program should not be distributed with the TCB software. Trusted
distribution implementing checksums should consist of sending one package
containing the checksum generation program and checksum result and another
package containing the TCB software. Both packages should be protected
appropriate means of trusted distribution such as courier or registered
Anyone having access to both the checksum generator and the TCB software
retrieve the output from the checksum program through a print command
the system so that the change would go unnoticed by saving the original
value, modifying the system, and running the checksum program until it
the original checksum, adding modules to inconsequential areas of the
when necessary. It may take some time to get the checksum of the modified
software to equal the original checksum, but with a 16-bit or smaller
may be a practical method for modifying TCB software.
Additionally, current Al systems should enhance their checksum
implementation by using cryptographically protected checksums. Encryption
the checksum and result increases the assurance provided, by preventing
from viewing the checksum result. It also provides protection against
described above because no one would be able to view the checksum result
possessing the proper cryptographic key.
A disadvantage to this implementation is that a checksum program will
limit viewing of the TCB software; it will, however, provide a level of
that the transmission has not been altered.
An inventory is a minimal way of performing customer site validation
TCB hardware. Although this will not meet the TCSEC requirement for trusted
distribution, it may provide an acceptable level of assurance for some
inventory is a simple means of inspecting for the presence or absence
of a piece of
hardware. It consists of an inspection to see if each piece of equipment
listed on the
inventory arrived at its destination. The assurance provided by an inventory
be increased by inspecting the lower level elements of the TCB hardware.
elements would include such things as circuit boards and chips.
The disadvantage of conducting a physical inventory is that many different
hardware families use some of the same hardware components, and a physical
inventory of hardware at each end of the distribution chain will not detect
substitution or change of these similar components in the hardware. It
however, serve to detect any gross discrepancies between the items sent
The advantage of performing an inventory is that it provides a quick
of checking that the TCB components sent were the ones requested. The
it provides will be minimal, but a simple oversight or error in shipping
or the loss of
an item may be detected in this manner. A copy of the invoice should always
be in a
sealed envelope and a second copy should be sent by alternate means, such
courier, so that any invoice tampering can be easily detected.
4.6.3 Engineering Inspection
An engineering inspection provides a more thorough check than an
inventory and may satisfy the TCSEC requirement for trusted distribution
hardware components. It differs from an inventory in that it is a detailed
inspection by a qualified technician in a specific area. The technician
capable of detecting any changes to the inspected equipment that would
TCB. Engineering inspections should be provided for critical parts of
hardware to ensure that the components of the hardware are present and
unchanged, such as ensuring, for example, physical location and serial
parts, are as specified.
A disadvantage to an engineering inspection is that it can be very time-
consuming and it may not be possible for a technician to inspect all of
hardware components because of the locations and construction of the equipment
being inspected. This time element may be offset by a simplified version
safeguard consisting of a confidential agreement between the vendor and
customer as to which parts of the TCB hardware are to be inspected in
will reduce the amount of effort to a reasonable level and, if the specific
are properly identified, will provide an acceptable level of assurance
changes have been made.
***Page 22 was intentionally left blank
5. SAMPLE IMPLEMENTATION
5.1 Trusted Distribution of Hardware, Firmware, and Software
The preceding sections of this document have addressed different methods
that may be used for trusted distribution, but none has explicitly stated
satisfy the TCSEC class Al requirement for trusted distribution. The following
paragraphs describe sample methods for meeting the trusted distribution
requirements. It should be noted that these are not the only methods that
satisfy the requirement. Through the guidance offered in this document,
it is hoped
that vendors will be able to investigate other creative methodologies
to satisfy the
trusted distribution requirement.
When a system is directed to be transported, an acceptable methodology
would be the use of a bonded courier service. The courier would accompany
responsible for the safety of the system. Alternate methodologies would
protective packaging (protecting against unauthorized modifications),
mail, and, specifically on software, the use of encrypted checksums.
Upon arrival of the system at the purchaser's site, the success of the
protective packaging methods provided by the vendor should be validated.
however, the vendor's responsibility to provide either the documentation
manpower to assist the purchaser in determining if the methods used were
successful. Additionally, it is the purchaser's responsibility to provide
configuration management for the system throughout the remaining life
5.2 Trusted Distribution of Documentation
Trusted distribution shall be provided for the distribution of the TCB
hardware, software, and firmware. It can also be said that trusted distribution
required for all of the TCB configuration items as identified in the configuration
management plan for a system. When speaking of configuration items, one
include the documentation for the system. Although not required by the
the documentation and configuration records for a TCSEC class Al system
be delivered to the customer site through trusted distribution. In the
these documents are altered during distribution, it is possible that the
be configured in a manner that would violate the security policy of the
instance, documentation on a TCB mechanism could be altered to allow the
mechanism to be used in a harmful way. Trusted distribution of the documentation
of the system will ensure that the documentation has not been altered
distribution and accurately describes the system.
6. SUMMARY OF TRUSTED DISTRIBUTION
Trusted distribution is necessary to ensure that the TCB software, firmware,
and hardware developed by a vendor arrive at a customer site exactly as
by the master copy that has been evaluated against the TCSEC. Modification
any TCB software, firmware, or hardware, originals and updates, could
result in a
compromise of the system's security policy. Trusted distribution is a
part of the life-
cycle assurance required for trusted systems that ensures that the security
a trusted system remains intact throughout the life cycle of the system.
distribution provides assurance that the TCB components will not be altered
during their distribution from a vendor to a customer site. Generically,
of end-to-end control can be broken down into three stages: post-production,
and delivery. Along with configuration management and the other assurance
requirements of the TCSEC, assurance is provided that no violation of
security policy can occur.
Trusted distribution includes methods of protecting the TCB components
during distribution, and in the event of alteration, methods of detecting
system has been altered before it is installed and compromise of the security
occurs. In the latter case, TCB software containing a virus could be distributed
customer site by an imposter with the intentions of compromising the data
Advances in the ways of attacking a system and an increase in insiders
committing crimes necessitate greater degrees of protection to be provided
systems. Therefore, a successful trusted distribution system should consist
methods of protection and detection and should not rely on any one technique.
***Page 26 was intentionally left blank
A check in which groups of digits are summed, usually without regard
overflow, and that sum checked against a previously computed sum to verify
that no digits have been changed since the last summation. 
The smallest component of hardware, software, firmware, documentation,
any of its discrete portions, which is tracked by the configuration
management system. 
The management of security features and assurances through control of
changes to a system's hardware, software, firmware, and documentation
throughout the development and operational life of the system. 
The process of transforming data to an unintelligible form in such a
the original data either cannot be obtained (one-way encryption) or cannot
obtained without using the inverse decryption process (two-way encryption).
An active system method available for trusted distribution. In this
a fiber optic cable is looped through a latch on the opening of a container
attached to a control unit. The control unit sends a light signal through
cable. If the light is interrupted by the cutting or damaging of the cable
any way, an alarm is set off. The alarm can be audible or telemetric.
Formal Top-Level Specification
A top-level specification that is written in a formal mathematical language
to allow theorems showing the correspondence of the system specification
its formal requirements to be hypothesized and formally proven.
Message Authentication Code
A cryptographically computed number which is the result of passing a
message through the authentication algorithm using a specific key. Lengths
of from 8 to 16 hexadecimal characters can be used.
The period of time that a system is in existence, including its design,
development, implementation, transportation, installation, maintenance,
A hidden software or hardware mechanism that can be triggered to permit
system protection mechanisms to be circumvented. It is activated in some
innocent-appearing manner; e.g., special "random" key sequence
terminal. Software developers often introduce trap doors in their code
enable them to reenter the system and perform certain functions.
A computer program with an apparently or actually useful function that
contains additional (hidden) functions that surreptitiously exploit the
legitimate authorizations of the invoking process to the detriment of
or integrity. 
Trusted Computing Base (TCB)
The totality of protection mechanisms within a computer system -- including
hardware, firmware, and software -- the combination of which is responsible
for enforcing the security policy. A TCB consists of one or more components
that together enforce a unified security policy over a product or system.
ability of a TCB to correctly enforce a security policy depends solely
mechanisms within the TCB and on the correct input by system
administrative personnel of parameters (e.g., a user's clearance) related
the security policy. 
1. American National Standards Institute, Financial Institution Key
Management (wholesale), X9.9, 1982.
2. Department of Defense Computer Security Center, "Final Evaluation
SCOMP, Secure Communications Processor, STOP Release 2.1," CSC-EPL-85-001,
3. Karger, 2LT Paul A. and Schell, Maj. Roger R., Multics Security Evaluation,
Vulnerability Analysis, Electronic System Division, ESD-TR-74-193, June
4. National Computer Security Center, A Guide to Understanding
Configuration Management in Trusted Systems, NCSC-TG-006, March 28,1988.
5. National Computer Security Center, Computer Security Requirements
Guidance for Applying the Department of Defense Trusted Computer System
Evaluation Criteria in Specific Environments, CSC-STD-003-85, 1985.
6. National Computer Security Center, Criterion Interpretation Discussion
#943, September 1986.
7. National Computer Security Center, DoD Trusted Computer System
Evaluation Criteria, DoD 5200.28-STD, 1985.
8. National Computer Security Center, Glossary of Computer Security Terms,
9. Sippl, Charles J., Computer Dictionary, Howard W. Sams & Co.,