A Guide to Writing the Security Features User's Guide for Trusted Systems
Designed for authors of the Security Features User1s Guide (SFUG) for a specific trusted system undergoing evaluation as a trusted product. Discusses the intent behind the requirement for a Security Features User1s Guide and the relationship to other requirements in Trusted Computer System Evaluation Criteria. Describes the various approaches to writing a SFUG. Extensive bibliography.
What people are saying - Write a review
We haven't found any reviews in the usual places.
2.4 USER SECURITY ACCESS CONTROL FACILITIES access control lists Access permission ADP system authentication data classes B2 commands are improperly COMMANDS FOR USERS Computer Security Center Computer System Evaluation DAC policy Default DAC DISCRETIONARY ACCESS CONTROL documentation ELECTRONIC LABELS Evaluation Criteria requirement explain feature-oriented Features User's Guide Guide for Trusted guideline hierarchical classification identification and authentication identify individual user Labeled Objects Machine-Readable Objects mandatory access control named individuals named objects e.g. National Computer Security non-hierarchical categories OBJECT MANIPULATION object's security object's security level password PHILOSOPHY OF PROTECTION procedures for logging Rainbow Series section should describe section should discuss Security Features User's security services SECURITY-RELATED COMMANDS security-relevant sensitivity labels separation of duties session SFUG requirement Single-Level Devices smartcard storage objects subject's security subject's security level subjects and objects subjects external System Evaluation Criteria SYSTEM SECURITY OFFICER technical security policy Trusted Computer System trusted path Trusted Product Evaluation USER SECURITY RESPONSIBILITIES