21 What is the Federal Criteria? (Computer Security Evaluation)
Description
This article is from the Computer Security Evaluation FAQ, by Trusted Product Evaluation Program TPEP@dockmaster.ncsc.mil.
21 What is the Federal Criteria? (Computer Security Evaluation)
The Federal Criteria was an attempt to develop a criteria to
replace the Trusted Computer System Evaluation Criteria
(TCSEC). A draft version was released for public comment in
December 1992. However, this effort was supplanted by the
Common Criteria effort (see Section II, Question 8), and the
Federal Criteria never moved beyond the draft stage (although
many of its ideas are retained in the Common Criteria). There
is no FINAL Federal Criteria; the draft should not be treated
as a final criteria document. The draft of the Federal
Criteria is available at <http://hightop.nrl.navy.mil/rainbow.html>.
15. What are the CMWREQs and the CMWEC?
The criteria used by the Defense Intelligence Agency (DIA) to
rate a product as a Compartmented Mode Workstation (CMW) is the
Compartmented Mode Workstation Evaluation Criteria (CMWEC),
which superseded the CMW Requirements (CMWREQs) in 1991. This
criteria defines a minimum level of assurance equivalent to the
B1 level of the TCSEC (see Section III, Questions 2-4). It
also defines a minimum set of functionality and usability
features outside the scope of the TCSEC (e.g. a graphical user
interface via a window system is required along with the
capability to cut and paste between windows). Neither set of
requirements are currently used by the Trusted Product Evaluation
Program (TPEP) although products that are designed to have these
features may be evaluated as B1 or higher products.
Continue to:
My Books
