600.436 High-Assurance
Systems
Fall 01/System Security Realization
32
Layering
¨The
use of layering and of simpler designs for the TSP-enforcing functionality
reduces the complexity of the TSF.
¨Resulting
In:
Better
understanding of the TSF
More assurance that the TOE security functional
requirements are accurately and completely instantiated in the
implementation.