| Some System Constraints |
|
|
|
|
|
|
|
|
|
|
| ¨ | Because
there is minimal, or no, theoretical |
||||||||
| foundation
for assurance, requirements for |
|||||||||
| specific
processes can’t be justified in |
|||||||||
| security
assurance standards |
|||||||||
| ¨ | As a
result, standards (CC/CEM or SSE- |
||||||||
| CMM),
focus on specifying documentation |
|||||||||
| and
activities that must be present in |
|||||||||
| whatever
process is used by subscribing |
|||||||||
| participants |
|||||||||
|
|
| 600.436 High- |
|
| Assurance
Systems |
|
| Fall
01/Introduction |
| 12 |