Description

This article is from the Computer Security Evaluation FAQ, by Trusted Product Evaluation Program TPEP@dockmaster.ncsc.mil.

23 What is assurance? (Computer Security Evaluation)

In the context of the Trusted Computer System Evaluation
Criteria (TCSEC), assurance coincides with correctness
assurance. It is a measure of confidence that the security
features and architecture of a computer system accurately
mediate and enforce the system security policy. The TCSEC's
assurance-related requirements constrain development methods
(e.g., configuration management) and software engineering
practices (e.g., modular code). Higher evaluation classes
contain more assurance-promoting requirements and give more
confidence in correctness.

Continue to:

• prev: 22 What are security features? (Computer Security Evaluation)
• Index
• next: 24 What is a division? (Computer Security Evaluation)