Security Ratings


Security System and/or Application Developers,

What are the current guidelines security-relevant applications are being
developed against in order to receive a particular security or
assurance rating? Are there such guidelines? Are there any assurance or
security ratings to obtain? I know from my AT&T Bell Lab days we used the
NCSC Trusted Security Evaluation Criteria (TSEC or orange book) to develop
a B1-rated Unix OS.  What exists that is comparable for applications?
The purpose for such guidelines and security ratings would
be so that customers, etc. know what they are REALLY getting in terms of
security.

Thanks, 

Cheri Dowell
NASA-Ames Research Center (NASA-ARC)

<Prev in Thread]	Current Thread	[Next in Thread>
Security Ratings, Cheri Dowell <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Revised Security Multiparts, James M Galvin
Next by Date:	PRESS RELEASE - RSA Licenses Commercial Distribution Rights to RSAREF (long), Christopher Allen
Previous by Thread:	Revised Security Multiparts, James M Galvin
Next by Thread:	PRESS RELEASE - RSA Licenses Commercial Distribution Rights to RSAREF (long), Christopher Allen
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Revised Security Multiparts, James M Galvin

Next by Date:

PRESS RELEASE - RSA Licenses Commercial Distribution Rights to RSAREF (long), Christopher Allen

Previous by Thread:

Revised Security Multiparts, James M Galvin

Next by Thread:

PRESS RELEASE - RSA Licenses Commercial Distribution Rights to RSAREF (long), Christopher Allen

Indexes:

[Date] [Thread] [Top] [All Lists]