Department of Defense Trusted Computer System Evaluation Criteria

Department of Defense Trusted Computer System Evaluation Criteria

Active / Technical Report | Accession Number: ADA207905 |

Abstract:

The trusted computer system evaluation criteria defined in this document classify systems into four broad hierarchical divisions of enhanced security protection. The criteria provide a basis for the evaluation of effectiveness of security controls built into automatic data processing system products. The criteria were developed with three objectives in mind a to provide guidance to manufacturers as to what to build into their new, widely- available trusted commercial products in order to satisfy trust requirements for sensitive applications and as a standard for DoD evaluation thereof b to provide users with a yardstick with which to assess the degree of trust that can be placed in computer systems for the secure processing of classified or other sensitive information c to provide a basis for specifying security requirements in acquisitions. Two types of requirements are delineated for secure processing a specific security feature requirements and b assurance requirements. Some of the latter requirements enable evaluation personnel to determine if the required features are present and functioning as intended.

Author(s):

No Author(s) Identified

Author Organization(s):

DEPARTMENT OF DEFENSE FORT GEORGE G MEADE MD

Supplementary Note:

Supersedes rept. no. CSC-STD-001-83, ADA141304.

Pagination:

0119

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

DOD-5200.28-STD

Monitor Series:

WHS/DD

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_8.2_Shape; JCA_8_Building Partnerships; JCA_8.2.4_Leverage Capacities and Capabilities of Security Establishments; JCA_5.4_Decide; JCA_5.4.3_Establish Rule Sets; JCA_5.2_Understand; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_5.6.1_Assess Compliance with Guidance; JCA_5.6_Monitor; JCA_6_Net Centric; JCA_5.5_Direct; JCA_5.5.3_Establish Metrics; JCA_6.1_Information Transport; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_7_Protection; JCA_2_Battlespace Awareness; JCA_2.1_Planning and Direction; JCA_5.3_Planning; JCA_6.4.2_Protect Data and Networks

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

*DATA PROCESSING SECURITY, *DEPARTMENT OF DEFENSE, SYSTEMS ANALYSIS, COMMERCE, MANUFACTURING, ACQUISITION, CLASSIFIED MATERIALS, CONTROL, SENSITIVITY, PROTECTION, GUIDANCE, REQUIREMENTS, COMPUTERS

Field(s)/Group(s):

Computer Systems Management and Standards

Report Date:

1985 Dec 01