Accession Number:

ADA155750

Title:

An Approach to Determining Computer Security Requirements for Navy Systems

Descriptive Note:

Final rept. May 84-Jan 85

Corporate Author:

NAVAL RESEARCH LAB WASHINGTON DC

Personal Author(s):

Report Date:

1985-05-13

Pagination or Media Count:

15.0

Abstract:

The DoD Trusted Computer System Evaluation Criteria The Orange Book define requirements corresponding to specified levels of security functions and assurance. These do not The Orange Book, however, help determine what level system is required for a specific environment. It is at present left to the system is expected to be used. This report proposes a straightforward technique a developer can use to map a specific system architecture and application environment to a particular requirement level as defined in the Criteria. This technique is applicable throughout the system life cycle, so that security requirements can be updated as changes to system structure and function occur.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE