Determining Security Requirements for Complex Systems with the Orange Book
NAVAL RESEARCH LAB WASHINGTON DC INFORMATION TECHNOLOGY DIV
Pagination or Media Count:
The DoD Trusted Computer System Evaluation Criteria define requirements corresponding to specified levels of security functions and assurance. They do not, however, help determine what level system is required for a specific environment. A simplistic technique has been proposed for this purpose that takes into account only the classification of the most sensitive information processed by a system, the clearance of its least-cleared user, and the environment in which it was developed. This paper offers a straightforward but richer technique a developer can use to map a specific system architecture and application environment to a particular requirement level as defined in the Criteria. It accounts for differences in functions provided to different users and the ways users can invoke those functions, as well as for users clearances and the sensitivity of data. This technique is applicable throughout the system life cycle, so that security requirements can be updated as changes to system structure and function occur.
- Computer Systems Management and Standards