|
A Guide to Understanding Design Documentation in Trusted Systems
TABLE OF CONTENTS
FOREWORD i
ACKNOWLEDGMENTS ii
1. INTRODUCTION 1
1.1 PURPOSE 1
1.2 SCOPE 1
1.3 CONTROL OBJECTIVE 2
2. OVERVIEW OF DESIGN DOCUMENTATION PRINCIPLES 3
2.1 PURPOSE OF DESIGN DOCUMENTATION 3
2.2 DESIGN DOCUMENTATION DEVELOPMENT FOR EVALUATION 3
2.3 LEVEL OF DETAIL OF DESIGN DOCUMENTATION 4
2.4 LEVEL OF EFFORT FOR MEETING THE REQUIREMENTS 4
2.5 FORMAT OF DESIGN DOCUMENTATION 5
3. MEETING THE CRITERIA REQUIREMENTS 7
3.1 THE C1 DESIGN DOCUMENTATION REQUIREMENTS 7
3.2 THE C2 DESIGN DOCUMENTATION REQUIREMENTS 7
3.3 THE B1 DESIGN DOCUMENTATION REQUIREMENTS 7
3.4 THE B2 DESIGN DOCUMENTATION REQUIREMENTS 8
3.5 THE B3 DESIGN DOCUMENTATION REQUIREMENTS 9
3.6 THE A1 DESIGN DOCUMENTATION REQUIREMENTS 9
4. COMPONENTS OF DESIGN DOCUMENTATION 11
4.1 DOCUMENTING THE SECURITY POLICY 11
4.2 DOCUMENTING TCB PROTECTION MECHANISMS 14
4.3 DOCUMENTATION OF COVERT CHANNELS 16
5. OTHER TOPICS 19
5.1 MODULARITY 19
5.2 HARDWARE DESIGN DOCUMENTATION 19
5.3 CONFIGURATION MANAGEMENT 20
6. SUMMARY OF DESIGN DOCUMENTATION 23
APPENDIX A SUMMARY OF DESIGN DOCUMENTATION REQUIREMENTS 25
APPENDIX B EXCERPTS FROM FINAL EVALUATION REPORTS 29
B.1 CLASS C2 29
B.1.1 UTX/32S 29
B.2 CLASS B2 30
B.2.1 Multics 30
B.3 CLASS A1 31
B.3.1 SCOMP 31
GLOSSARY 33
REFERENCES 36
|
