Comparison of trusted systems evaluation criteria

Author

Pfleeger, Charles P.

Author_Institution

Trusted Inf. Syst. Inc., Glenwood, MD, USA

fYear

1990

fDate

25-28 June 1990

Firstpage

135

Lastpage

143

Abstract

A comparison of the trusted computer system evaluation criteria (TCSEC) and methodologies of four countries, the United States, Canada, Germany, and Britain, is presented. The evaluation criteria and methodologies of each country are described, and the four national approaches are compared. The US criteria apply to operating systems supporting a confidentiality security policy. The Canadian criteria extend the US TCSEC with criteria for integrity and availability, as well as for accountability and assurance. The German criteria are patterned closely on the US criteria, with the major exceptions that features and assurances are rated separately. With the British criteria, a developer states certain claims about a product´s functionality, and the claims are independently evaluated for a chosen level of assurance.<>

Keywords

government policies; performance evaluation; security of data; systems analysis; Britain; British criteria; Canada; Canadian criteria; German criteria; Germany; US TCSEC; US criteria; United States; accountability; assurance; availability; confidentiality security policy; integrity; national approaches; operating systems; trusted computer system evaluation criteria; Access control; Application software; Authentication; Computer security; Control systems; Data security; Information security; Information systems; Operating systems; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Assurance, 1990. COMPASS '90, Systems Integrity, Software Safety and Process Security., Proceedings of the Fifth Annual Conference on

Conference_Location

Gaithersburg, MD, USA

Type

conf

DOI

10.1109/CMPASS.1990.175410

Filename

175410