RE: PD-0101: Level of Detail Necessary for Assurance Requirements on Third Party Products
- Subject: RE: PD-0101: Level of Detail Necessary for Assurance Requirements on Third Party Products
- From: Nir Naaman <nir.naaman@metasec.com>
- Date: Wed, 10 Mar 2004 23:19:25 +0200
- In-reply-to: <404F2984.8090707@itsef.tno.nl>
On Wednesday, March 10, 2004 Dr.Ir. D.J. Out wrote:
>
> What I'm trying to express is that there are two relations
> TOEs can have with each other:
> - they can be peers (e.g. a firewall TOE and a database TOE).
> These are somehow "next" to another.
> - one can be the subject of another (e.g. an OS TOE and an
> application TOE).
> Now one TOE is more or less under the full control of the other.
>
> I have no mathematical definitions of this.
>
> I would call the second one to be the abstract machine concept. But
> this is my personal opinion.
>
> In any case as "dependency" is a reserved word in CC, I
> wouldn't use that.
>
Aren't these relationships the ones modeled by the TNI and TDI,
respectively?
If you don't like "dependency", the TDI coins an alternative phrase: "the
more (or less) primitive TCB subset".
This was based on the Shockley and Schell paper on "TCB subsets for
Incremental Evaluation".
See http://www.acsac.org/secshelf/papers.html for some very coherent
treatment of this subject.
Nir