El dom, 05-06-2005 a las 09:39 -0700, Park Lee escribió: > Hi, > > In "5.1 Architecture Overview" of¡¶The Flask Security > Architecture: System Support for Diverse Security > Policies¡·, It says: > > "Secondary goals for the architecture include > application > transparency, defense-in-depth, ease of assurance, > and minimal performance impact". > > Here, Is the meaning of word "assurance" the same as > the meaning of "assurance" of "Security assurance" in > ISO/IEC15408 (i.e. Information technology - Security > techniques --Evaluation criteria for IT security)? > or Does it just mean another thing? At least for me, that part means that you can easily implement information assurance models on top of the Flask architecture, with the "defense in depth" philosophy, which is basically putting layered defenses all-together for ensuring that breakage, corruption, overriding or any other type of mis-use either desired or undesired against one or more layers, can't lead to a complete compromise of the environment. All the rest of CC and the like it's much of the same, but talking in technical terms, it's what I've told you AFAIK. Cheers, -- Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx> [1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
Attachment:
signature.asc
Description: This is a digitally signed message part