4th CACR Information Security Workshop
Louis F. Giles, National Security Agency
Common Criteria Protection Profiles
A Protection Profile (PP) is defined in the Common Criteria as an
implementation-independent set of security requirements for a product
or system that meet specific consumer needs. In simple terms, it is
the document where the customer expresses to the product vendor or
system integrator: "This is what I want."
Mr. Giles will expand on Mr. Booth's presentation and provide a tutorial
on the required structure of a Protection Profile as mandated by the Common
Criteria using existing Protection Profiles as examples.
He will discuss the NSA strategy for the development of protection
profiles for the U.S. Government national security community and provide
NSA experiences in the development of Protection Profiles. Finally, he
will discuss tools developed by NSA to aid in designing Protection Profiles
Mr. Louis F. Giles is the Manager of NSA's Office of Customer Support
in the Information Systems Security Organization. In this position, he
also serves as the NSA Senior Executive responsible for managing the
National Information Assurance Partnership (NIAP), a collaboration
between NIST and NSA to develop and oversee the U.S. National Scheme
for implementing the Common Criteria. Mr. Giles also serves as NSA's
representative to the International Common Criteria Management Committee
and chairs the Common Criteria's Cryptography Working Group.
During his twenty five year career at NSA, Mr. Giles has served in a
variety of technical, policy and management positions involving
Information Systems Security. He graduated from Virginia Polytechnic
Institute in 1974 with a B.S. in Physics and received his M.S. in
Materials Engineering from the University of Maryland in 1979. He
obtained a Doctorate of Law degree from the University of Maryland
in 1983 and is a member of the Maryland Bar.