World Library  
  


Download
Add to Book Shelf
Flag as Inappropriate
Email this Book

Ncsc-Tg-028 Library No. S-238,986 Version 1

By Gallagher, Patrick R., Jr.

Click here to view

Book Id: WPLBN0000661504
Format Type: PDF eBook:
File Size: 0.2 MB
Reproduction Date: 2005

Title: Ncsc-Tg-028 Library No. S-238,986 Version 1  
Author: Gallagher, Patrick R., Jr.
Volume:
Language: English
Subject: Technology., Reference materials, Technology and literature
Collections: Techonology eBook Collection
Historic
Publication Date:
Publisher:

Citation

APA MLA Chicago

R. Gallagher, Jr, B. P. (n.d.). Ncsc-Tg-028 Library No. S-238,986 Version 1. Retrieved from http://gutenberg.us/

Description
Technical Reference Publication

Excerpt
Excerpt: National Policy. In July of 1987, the Federal government issued the National Policy on Controlled Access Protection [36], establishing the policy for automated information systems (AISs) that are accessed by multiple users with different authorizations to the information contained in the system. The Policy, shown in Figure 1.1, mandates that these systems provide automated controlled access protection and that this minimal level of protection be provided within five years of the Policy's issuance. The Policy gives the Federal agencies responsibility for ensuring that its provisions are carried out.

Table of Contents
Contents l BACKGROUND 1 1.1 NATIONAL POLICY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 SECURITY ACCREDITATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.3 TRUSTED PRODUCT EVALUATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.4 SCOPE AND PURPOSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2 CONTROLLED ACCESS PROTECTION 9 3 ARCHITECTURAL FOUNDATION 13 3.1 TRUSTED COMPUTING BASE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 3.2 ENFORCEMENT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.3 DOMAIN SEPARATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.4 DEFINED SUBSET . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.5 RESOURCE ISOLATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 4 PROTECTION MECHANISMS 22 4.1 IDENTIFICATION & AUTHENTICATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 4.2 DISCRETIONARY ACCESS CONTROL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 4.3 OBJECT REUSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 4.4 AUDIT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 5 DOCUMENTATION AND LIFE-CYCLE ASSURANCE 33 5.1 DESIGN DOCUMENTATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 5.2 SYSTEM INTEGRITY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 5.3 CONFIGURATION MANAGEMENT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 5.4 TRUSTED FACILITY MANUAL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.5 SECURITY FEATURES USER'S GUIDE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.6 TESTING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

 
 



Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.