该楼层疑似违规已被系统折叠 隐藏此楼查看此楼
those who are authorized for audit data. The TCB shall be able to record the following types of events: use of identification
and authentication mechanisms, introduction or objects into a user's address space (e.g., file open, program initiation),
deletion of objects, and actions taken by computer operators and system administrators and/or system security officers, and
other security relevant events. For each recorded event, the audit record shall identify: date and time of the event, user,
type of event, and success or failure of the event. For identification/authentication events the origin of request (e.g.,
terminal ID) shall be included in the audit record. For events that introduce an object into a user's address space and for
object deletion events the audit record shall include the name of the object. The ADP system administrator shall be able to
selectively audit the actions of any one or more users based on individual identity.
Assurance
Operational Assurance
System Architecture
The TCB shall maintain a domain for its own execution that protects it from external interference or tampering (e.g., by
modification of its code or data structures). Resources controlled by the TCB may be a defined subset of the subjects and
objects in the ADP system. The TCB shall isolate the resources to be protected so that they are subject to the access control
and auditing requirements.
System Integrity
Hardware and/or software features shall be provided that can be used to periodically validate the correct operation of the
on-site hardware and firmware elements of the TCB.
Life-Cycle Assurance
Security Testing
The security mechanisms of the ADP system shall be tested and found to work as claimed in the system documentation. Testing
shall be done to assure that there are no obvious ways for an unauthorized user to bypass or otherwise defeat the security
protection mechanisms of the TCB. Testing shall also include a search for obvious flaws that would allow violation of
resource isolation, or that would permit unauthorized access to the audit or authentication data. (See the Security Testing
guidelines.)
Documentation
Security Features User's Guide
A single summary, chapter, or manual in user documentation shall describe the protection mechanisms provided by the TCB,
guidelines on their use, and how they interact with one another.
Trusted Facility Manual
A manual addressed to the ADP system administrator shall present cautions about functions and privileges that should be
controlled when running a secure facility. The procedures for examining and maintaining the audit files as well as the
detailed audit record structure for each type of audit event shall be given.
Test Documentation
The system developer shall provide to the evaluators a document that describes the test plan, test procedures that show how
976
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
