Security test and evaluation for multilevel-mode accreditation: Lessons learned
DJ Bodeau, NR Brusil, IN Chang… - … Eighth Annual Computer …, 1992 - computer.org
DJ Bodeau, NR Brusil, IN Chang, MJ Reece
Proceedings Eighth Annual Computer Security Application Conference, 1992•computer.orgMITRE's experience and lessons learned in performing security test and evaluation (ST&E)
for SPADOC 4B are described. ST&E drew on contractual testing but involved extensive
government testing of the system. ST&E included testing in a representative stressed
environment and in failure situations. ST&E also involved verification of safeguards from
security disciplines other than COMPUSEC, including procedural and physical security.
SPADOC 4B has been accredited to operate in multilevel mode.<>
for SPADOC 4B are described. ST&E drew on contractual testing but involved extensive
government testing of the system. ST&E included testing in a representative stressed
environment and in failure situations. ST&E also involved verification of safeguards from
security disciplines other than COMPUSEC, including procedural and physical security.
SPADOC 4B has been accredited to operate in multilevel mode.<>
Abstract
MITRE's experience and lessons learned in performing security test and evaluation (ST&E) for SPADOC 4B are described. ST&E drew on contractual testing but involved extensive government testing of the system. ST&E included testing in a representative stressed environment and in failure situations. ST&E also involved verification of safeguards from security disciplines other than COMPUSEC, including procedural and physical security. SPADOC 4B has been accredited to operate in multilevel mode.<>
computer.org
Showing the best result for this search. See all results