Description

This article is from the Computer Security Evaluation FAQ, by Trusted Product Evaluation Program TPEP@dockmaster.ncsc.mil.

31 Does a trusted system require custom hardware? (Computer Security Evaluation)

A system does not require custom hardware to be successfully
evaluated against the Trusted Computer System Evaluation
Criteria (TCSEC). However, an evaluation does consider the
security of the system hardware as well as software. For every
evaluated product, there is an evaluated configuration. The
evaluated configuration lists the specific hardware and
software evaluated. A given evaluation may require hardware
with certain security features used by the software, and the
software may require certain optional features be enabled or
disabled. The Final Evaluation Report (FER) (see Section V,
Question 7) lists the evaluated hardware and software. The
Trusted Facility Manual (TFM) for the product will give
detailed guidance on configuring the hardware and software
securely.

Continue to:

• prev: 30 How do the TCSEC and its interpretations apply to routers and firewalls? (Computer Security Evaluation)
• Index
• next: 32 What are the requirements for a D/C1/C2/B1/B2/B3/A1 system? (Computer Security Evaluation)