[Zope3-checkins] CVS: Zope3/doc/security - ASE.txt:1.1
Christian Theune
ct@gocept.com
Tue, 1 Jul 2003 03:02:03 -0400
Update of /cvs-repository/Zope3/doc/security
In directory cvs.zope.org:/tmp/cvs-serv11473
Added Files:
ASE.txt
Log Message:
- checkin in ASE as prepared on EP2003 together with Steve A.
=== Added File Zope3/doc/security/ASE.txt ===
ASE
This is a preliminary version of the ASE document. It is used as a
preparation for the evaluation workshop in july.
Selected functions:
FAU_GEN.1
(select: level of detail)
FAU_GEN.2
FDP_ACC.2
(to define: SFP, list of subjects and objects)
FDP_ACF.1
(to define: security attributes, SFP)
FDP_ETC.2
FTP_ITC.1, FTP_ITC.2
(provide details)
FDP_IFC.1?
(Must be explained to us, as well as: FTP_IFF.2)
FDP_ITT.2
(questionable. Could be ZEO, must be traded off with
complexity versus maintainability of the certification)
FDP_RIP.1
(maybe .2)
FDP_ROL.1
(maybe .2)
FIA_ATD.1
FIA.UAU.1
FIA.UAU.2
FIA.UAU.5
FIA.UAU.6
(Conditions: to few permissions, or browser credentials expired)
FIA.UAU.7
FIA.UID.2
FIA_USB.1
Find out:
FIA_UAU.3
Nice to have:
FIA_SOS.1
FIA_AFL.1
Operating Environment Boundaries:
Operating System
Python Version
Browsers
ZODB Storage
Dependencies:
FMT_MSA.3