A Guide to Understanding Security Testing and Test Documentation in Trusted Systems, Version 1
NATIONAL COMPUTER SECURITY CENTER FORT GEORGE G MEADE MD
Pagination or Media Count:
The National Computer Security Center is issuing A Guide to Understanding Security Testing and Test Documentation in Trusted Systems as part of the Rainbow Series of documents our Technical Guidelines Program produces. In the Rainbow Series, we discuss in detail the features of the Department of Defense Trusted Computer System Evaluation Criteria DoD 5200.28-STD and provide guidance for meeting each requirement. The National Computer Security Center, through its Trusted Product Evaluation Program, evaluates the security features of commercially produced computer systems. Together, these programs ensure that users are capable of protecting their important data with trusted computer systems. The specific guidelines in this document provide a set of good practices related to security testing and the development of test documentation. This technical guideline has been written to help the vendor and evaluator community understand what deliverables are required for test documentation, as well as the level of detail required of security testing at all classes in the Trusted Computer System Evaluation Criteria.
- Computer Systems Management and Standards