A Guide to Understanding Security Testing and Test Documentation in Trusted Systems

DIANE Publishing, 1994 - 121 pages
Provides a set of good practices related to security testing and the development of test documentation. Written to help the vendor and evaluator community understand what deliverables are required for test documentation, as well as the level of detail required of security testing. Glossary. Diagrams and charts.

Popular passages

Page 113 - A means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject...
Page 112 - ... inductively proving that the system is secure. A system state is defined to be "secure" if the only permitted access modes of subjects to objects are in accordance with a specific security policy. In order to determine whether or not a specific access mode is allowed, the clearance of a subject is compared to the classification of the object and a determination is made as to whether the subject is authorized for the specific access mode.
Page 112 - Channel: An information transfer path within a system. May also refer to the mechanism by which the path is effected.
Page 112 - A formal state transition model of computer security policy that describes a set of access control rules. In this formal model, the entities in a computer system are divided into abstract sets of subjects and objects. The notion of a secure state is defined and it is proven that each state transition preserves security by moving from secure state to secure state; thus, inductively proving that the system is secure. A system state is defined to be "secure" if the only permitted access modes of subjects...
Page 112 - A covert channel that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process.
Page 113 - S1 is said to dominate security level S2 if the hierarchical classification of S1 is greater than or equal to that of S2 and the nonhierarchical categories of S1 include all those of S2 as a subset.
Page 113 - The state that exists when computerized data are the same as those in the source documents and have not been exposed to accidental or malicious alteration or destruction. Data item. The expression of a particular fact of a data element; e.g., "Blue" may be a data item of the data element named "Color of Eyes."