Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
2Activity

Table Of Contents

0 of .
Results for:
No results containing your search query
P. 1
NCSC-TG-023 A Guide to Security Testing and Test Documentation in Trusted Systems (Bright Orange Book)

NCSC-TG-023 A Guide to Security Testing and Test Documentation in Trusted Systems (Bright Orange Book)

Ratings: (0)|Views: 4,533|Likes:
Published by Robert Vale
Book 23 of the Rainbow Series
Book 23 of the Rainbow Series

More info:

Published by: Robert Vale on Jan 11, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

10/25/2013

pdf

text

original

 
VERSION-1
NATIONAL
COMPUTER
SECURITY
CENTER
---
AD-A277
642
A
Guide
to
Understanding
Security
Testing
and
Test
Documentation
in
Trusted
Systems
94-09740
B
July
1993'
Approved
for
Public
Release:
Distribution
Unlimited
'94
3
31 039
 
NCSC-TG-023
LibraryNo.
S-232.561
Version-1
FOREWORD
The
National
Computer
Security
Center
is
issuing
A
Guide
to
UnderstandingSecurity
Testing
and
Test
Documentation
In
Trusted
Systems
as
part
of
the
"Rainbow
Series"
of
documents
ourTechnicalGuidelines
Program
produces.
In
the
Rainbow
Series,
we
discuss
in
detail
the
features
of
the Department
of
DefenseTrustedComputerSystem
EvaluationCriteria
(DoD
5200.28-STD)
and
provide
guidance
for
meeting
each
requirement.
The
National
Computer
Security
Center,
through
its
TrustedProduct
Evaluation
Program,
evaluates
the
security
features
ofcommercially
produced
computer
systems.
Together,
these
programs
ensure
that
users
are capable
of
protectingtheirimportant
data
with
trustedcomputer
systems.
The
specific
guidelines
in
this
document
provide
aset
of
good
practices
related
tosecurity
testingandthe development
of
test
documentation.
This
technical
guideline
has
been
written
to
help
thevendor
and
evaluator
community
understand
what
deliverables
are
required
for
test
documentation,
as
well
as
the
level
of
detail
required
of
security
testing
at
all
classes
in
the
Trusted
Computer
System
EvaluationCriteria.
As
the
Director,
National
Computer
Security
Center,
I
invite
your
suggestions
for
revision
to
this
technical
guideline.
Weplan
to
reviewthis
document
as
the
needarises.
National
Computer
Security
Center
Attention:
Chief,
Standard,
Criteria
and
Guidelines
Division
9800
Savage
Road
Fort
George
G.
Meade,
MD
20755-6000
Patrick
R.
Ga&•,'Jr.
•January,
1994
Director
National
Computer
Security
Center
 
Acknowledgments
ACKNOWLEDGMENTS
Special recognition and
acknowledgment
for
his
contributions to this
document
are
extended
to
VirgilD.
Gligor, University
of
Maryland,
as
primary
author
of
this
document.
Special
thanksare extended
to
those
who
enthusiastically
gave
of
their time
andtechnical
expertise
in
reviewing
this guideline
and
providing
valuable
comments
and
suggestions.
The
assistance
of C.
Sekar
Chandersekaran,
IBM
and
CharlesBonneau,
Honeywell
Federal
Systems,
in
the
preparation
of
the examples
presented
in
this guideline
is gratefully
acknowledged.
Special
recognition
is
extended
to
MAJ
James
P.
Gordon,
U.S.
Army,
and
Leon
Neufeld
as
National
ComputerSecurity
Center
project
managers
for
this
guideline.
A&ouesion
For
XTI
GRA&i
DTIc
TAB
0l
UUUM('•
,Untd
0
By
Diut_
Sptoai
ii
LU

Activity (2)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->