Title :
Comparison of trusted systems evaluation criteria
Author :
Pfleeger, Charles P.
Author_Institution :
Trusted Inf. Syst. Inc., Glenwood, MD, USA
Abstract :
A comparison of the trusted computer system evaluation criteria (TCSEC) and methodologies of four countries, the United States, Canada, Germany, and Britain, is presented. The evaluation criteria and methodologies of each country are described, and the four national approaches are compared. The US criteria apply to operating systems supporting a confidentiality security policy. The Canadian criteria extend the US TCSEC with criteria for integrity and availability, as well as for accountability and assurance. The German criteria are patterned closely on the US criteria, with the major exceptions that features and assurances are rated separately. With the British criteria, a developer states certain claims about a product´s functionality, and the claims are independently evaluated for a chosen level of assurance.<>
Keywords :
government policies; performance evaluation; security of data; systems analysis; Britain; British criteria; Canada; Canadian criteria; German criteria; Germany; US TCSEC; US criteria; United States; accountability; assurance; availability; confidentiality security policy; integrity; national approaches; operating systems; trusted computer system evaluation criteria; Access control; Application software; Authentication; Computer security; Control systems; Data security; Information security; Information systems; Operating systems; Protection;
Conference_Titel :
Computer Assurance, 1990. COMPASS '90, Systems Integrity, Software Safety and Process Security., Proceedings of the Fifth Annual Conference on
Conference_Location :
Gaithersburg, MD, USA
DOI :
10.1109/CMPASS.1990.175410
