Isabelle_DOF
/
Isabelle_DOF
1
0
Fork 2
Code Issues 1 Pull Requests Releases Wiki Activity
Isabelle_DOF/src/ontologies/CC_2022_R1/Common_Criteria_Terms.thy

460 lines
25 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

theory Common_Criteria_Terms
imports "Isabelle_DOF.technical_report"
begin
text\<open>We re-use the class \<^typ>\<open>math_content\<close>, which provides also a framework for
semi-formal "math-alike" terminology, which we re-use by this definition.\<close>
doc_class semi_formal_content = math_content +
status :: status <= "semiformal"
mcc :: math_content_class
type_synonym sfc = semi_formal_content
doc_class cc_term = semi_formal_content +
mcc :: math_content_class <= "terminology"
level :: "int option" <= "Some 1"
type_synonym common_criteria_term = cc_term
text\<open> in the following, all \<^theory_text>\<open>Definition*\<close> statements are interpreted as
\<^doc_class>\<open>cc_term\<close>s, i.e. semi-formal teminological definitions.\<close>
declare[[ Definition_default_class="cc_term"]]
text\<open> Excerpt of the BE EN 50128:2011, page 22. \<close>
section\<open>Terms and Definitions\<close>
declare_reference*[evaluator::cc_term]
declare_reference*[developer::cc_term]
Definition*[action]
\<open>documented activity of the @{cc_term (unchecked) \<open>evaluator\<close>}
or @{cc_term (unchecked) \<open>developer\<close>}\<close>
declare_reference*[entity::cc_term]
declare_reference*[TSF::cc_term]
Definition*[admministrator]
\<open> @{cc_term (unchecked) \<open>entity\<close>} that has a level of trust with respect to
all policies implemented by the @{cc_term (unchecked) \<open>TSF\<close>}\<close>
Definition*[API, short_name="''application programming interface''"]
\<open>\<close>
declare_reference*[threat_agent::cc_term]
declare_reference*[asset::cc_term]
Definition*[adverse_action]
\<open> \<^cc_term>\<open>action\<close> performed by a @{cc_term (unchecked) \<open>threat_agent\<close>}
on an @{cc_term (unchecked) \<open>asset\<close>}\<close>
declare_reference*[TOE::cc_term]
Definition*[asset]
\<open> @{cc_term (unchecked) \<open>entity\<close>} that the owner of
the @{cc_term (unchecked) \<open>TOE\<close>} presumably places value on\<close>
Definition*[assignement]
\<open>specification of an identified parameter in a functional or assurance component\<close>
declare_reference*[SFR::cc_term]
Definition*[assurance]
\<open>grounds for confidence that a @{cc_term (unchecked) \<open>TOE\<close>} meets
the security functional requirements @{cc_term (unchecked) \<open>SFR\<close>}s \<close>
declare_reference*[SAR::cc_term]
Definition*[AP, short_name="''assurance package''"]
\<open>named set of @{cc_term (unchecked) \<open>SAR\<close>}s\<close>
Definition*[attack_potential]
\<open>measure of the effort needed to exploit a vulnerability in a @{cc_term (unchecked) \<open>TOE\<close>} \<close>
Definition*[attack_surface]
\<open>set of logical or physical interfaces to a target, consisting of points
through which access to the target and its functions may be attempted\<close>
Definition*[augmentation]
\<open>addition of one or more requirements to a package\<close>
Definition*[autorized_user]
\<open> @{cc_term (unchecked) \<open>entity\<close>} who may, in accordance with the @{cc_term (unchecked) \<open>SFR\<close>}s,
perform an operation on the @{cc_term (unchecked) \<open>TOE\<close>}\<close>
declare_reference*[independent_entity::cc_term]
declare_reference*[dependent_component::cc_term]
Definition*[base_component]
\<open> @{cc_term (unchecked) \<open>independent_entity\<close>} in a multi-component product that provides
services and resources to one or more @{cc_term (unchecked) \<open>dependent_component\<close>}(s)\<close>
declare_reference*[PP::cc_term]
declare_reference*[PP_module::cc_term]
declare_reference*[PP_module_base::cc_term]
declare_reference*[PP_config::cc_term]
Definition*[base_PP, short_name="''base Protection Profile''"]
\<open> @{cc_term (unchecked) \<open>PP\<close>} specified in a @{cc_term (unchecked) \<open>PP_module\<close>},
as part of that @{cc_term (unchecked) \<open>PP_module\<close>}s @{cc_term (unchecked) \<open>PP_module_base\<close>},
used as a basis to build a @{cc_term (unchecked) \<open>PP_config\<close>}\<close>
Definition*[base_PP_module, short_name="''base PP-Module''"]
\<open>@{cc_term (unchecked) \<open>PP_module\<close>} specified in a different @{cc_term (unchecked) \<open>PP_module\<close>},
as part of that @{cc_term (unchecked) \<open>PP_module\<close>}s @{cc_term (unchecked) \<open>PP_module_base\<close>},
used as a basis to build a @{cc_term (unchecked) \<open>PP_config\<close>}\<close>
Definition*[base_TOE, short_name="''base target of evaluation''"]
\<open>@{cc_term (unchecked) \<open>base_component\<close>} which is itself the subject of an evaluation\<close>
Definition*[class_cc, short_name="''class''"]
\<open>〈taxonomy〉 set of families that share a common focus\<close>
Definition*[CD, short_name="''compact disk''"]
\<open>\<close>
Definition*[component]
\<open>〈taxonomy〉 smallest selectable set of elements on which requirements may be based OU
<composition> @{cc_term (unchecked) \<open>entity\<close>} which provides resources and services in a product\<close>
declare_reference*[composed_TOE::cc_term]
Definition*[component_TOE, short_name="''component target of evaluation''"]
\<open>(evaluated) @{cc_term (unchecked) \<open>TOE\<close>}
that is a component of another @{cc_term (unchecked) \<open>composed_TOE\<close>}\<close>
Definition*[CAP, short_name="''composition assurance package''"]
\<open> \<^cc_term>\<open>AP\<close> consisting of components drawn predominately from the ACO \<^cc_term>\<open>class_cc\<close>,
representing a point on the pre-defined scale for composition assurance\<close>
Definition*[composed_TOE, short_name="''composed target of evaluation''"]
\<open>@{cc_term (unchecked) \<open>TOE\<close>} comprising solely two or more separately identified components
with a security relationship between their @{cc_term (unchecked) \<open>TSF\<close>}\<close>
Definition*[composed_evaluation, short_name="''composed evaluation''"]
\<open>evaluation of a \<^cc_term>\<open>composed_TOE\<close> using the specific evaluation technique applicable to \<^cc_term>\<open>composed_TOE\<close>s\<close>
declare_reference*[composite_product::cc_term]
declare_reference*[composite_TOE::cc_term]
Definition*[composite_evaluation, short_name="''composite evaluation''"]
\<open>evaluation of a @{cc_term (unchecked) \<open>composite_TOE\<close>}/@{cc_term (unchecked) \<open>composite_product\<close>}
using the specific composite evaluation technique\<close>
Definition*[composite_product, short_name="''composite product''"]
\<open>product comprised of two or more components which can be organized in two layers:
a layer of one already evaluated \<^cc_term>\<open>base_component\<close> (\<^cc_term>\<open>base_TOE\<close>)
and a layer of one @{cc_term (unchecked) \<open>dependent_component\<close>}\<close>
Definition*[COMP, short_name="''composite product assurance package''"]
\<open>\<close>
Definition*[composite_TOE, short_name="''composite target of evaluation''"]
\<open>part of a \<^cc_term>\<open>composite_product\<close> including the \<^cc_term>\<open>base_TOE\<close>
and the @{cc_term (unchecked) \<open>dependent_component\<close>}\<close>
Definition*[CM, short_name="''configuration management''"]
\<open>discipline applying technical and administrative direction and surveillance to:
identify and document the functional and physical characteristics of a configuration item,
control changes to those characteristics, record and report change processing
and implementation status, and verify compliance with specified requirements\<close>
Definition*[CMS, short_name="''configuration management system''"]
\<open>set of procedures and tools (including their documentation) used by a @{cc_term (unchecked) \<open>developer\<close>}
to develop and maintain configurations of their products during their life-cycles\<close>
Definition*[counter]
\<open>act on or respond to a particular threat so that the threat is eradicated or mitigated\<close>
declare_reference*[ST::cc_term]
declare_reference*[PP_configuration::cc_term]
Definition*[DC, short_name="''demonstrable conformance''"]
\<open>relation between a @{cc_term (unchecked) \<open>PP\<close>}/@{cc_term (unchecked) \<open>ST\<close>} (PP/ST)
and a @{cc_term (unchecked) \<open>PP\<close>}, or an @{cc_term (unchecked) \<open>ST\<close>} and
a @{cc_term (unchecked) \<open>PP_configuration\<close>}, where the PP/ST provides an equivalent or
more restrictive solution that solves the generic security problem in the PP/PP-Configuration\<close>
declare_reference*[FP::cc_term]
Definition*[dependency]
\<open>relationship between components such that a @{cc_term (unchecked) \<open>PP\<close>}, @{cc_term (unchecked) \<open>ST\<close>},
@{cc_term (unchecked) \<open>FP\<close>} or \<^cc_term>\<open>AP\<close>} including a component
also includes any other \<^cc_term>\<open>component\<close>s that are identified as being depended upon
or include a rationale as to why they are not\<close>
declare_reference*[dependent_entity::cc_term]
Definition*[dependent_component, short_name="''dependent component''"]
\<open>@{cc_term (unchecked)\<open>dependent_entity\<close>} in a multi-component product that relies on
the provision of services and resources by one or more \<^cc_term>\<open>base_component\<close>s\<close>
Definition*[dependent_TOE, short_name="''dependent target of evaluation''"]
\<open>\<^cc_term>\<open>dependent_component\<close> which is itself the subject of an evaluation\<close>
Definition*[developper]
\<open>organization responsible for the development of the @{cc_term (unchecked)\<open>TOE\<close>}\<close>
declare_reference*[SPD::cc_term]
declare_reference*[SO::cc_term]
declare_reference*[operational_environment::cc_term]
Definition*[direct_rationale, short_name="''direct rationale''"]
\<open>type of @{cc_term (unchecked)\<open>PP\<close>}, @{cc_term (unchecked)\<open>PP_module\<close>} or @{cc_term (unchecked)\<open>ST\<close>}
in which the @{cc_term (unchecked)\<open>SPD\<close>} elements are mapped directly to
the @{cc_term (unchecked)\<open>SFR\<close>}) and possibly to the @{cc_term (unchecked)\<open>SO\<close>}s
for the @{cc_term (unchecked)\<open>operational_environment\<close>}\<close>
Definition*[DAC, short_name="''discretionary access control''"]
\<open>\<close>
Definition*[element]
\<open>〈taxonomy〉 self-contained description of a security need assigned to @{cc_term (unchecked)\<open>SAR\<close>}
or @{cc_term (unchecked)\<open>SFR\<close>}\<close>
Definition*[entity]
\<open>identifiable item that is described by a set or collection of properties\<close>
Definition*[evaluation]
\<open>assessment of a @{cc_term (unchecked)\<open>PP_configuration\<close>}, @{cc_term (unchecked)\<open>PP\<close>},
a @{cc_term (unchecked)\<open>ST\<close>}, or a @{cc_term (unchecked)\<open>TOE\<close>}, against defined criteria
\<close>
Definition*[EA, short_name="''evaluation activity''"]
\<open>activity derived from one or more work units\<close>
Definition*[EAL, short_name="''evaluation assurance level''"]
\<open>well-formed package of @{cc_term (unchecked)\<open>SAR\<close>} representing a point on the pre- defined assurance scale\<close>
declare_reference*[evaluation_scheme::cc_term]
Definition*[evaluation_authority, short_name="''evaluation authority''"]
\<open>body operating an @{cc_term (unchecked)\<open>evaluation_scheme\<close>}\<close>
Definition*[EM, short_name="''evaluation method''"]
\<open>set of one or more \<^cc_term>\<open>EA\<close> for application in a specific context\<close>
Definition*[evaluation_scheme, short_name="''evaluation scheme''"]
\<open>rules, procedures and management to carrying evaluations of IT product security\<close>
declare_reference*[overall_verdict::cc_term]
Definition*[ETR, short_name="''evaluation technical report''"]
\<open>documentation of the @{cc_term (unchecked)\<open>overall_verdict\<close>} and its justification, produced
by the @{cc_term (unchecked)\<open>evaluator\<close>}, and submitted to an \<^cc_term>\<open>evaluation_authority\<close>\<close>
Definition*[ETR_COMP, short_name="''evaluation technical report for composite evaluation''"]
\<open>documentation intended to be used within the \<^cc_term>\<open>composite_evaluation\<close> approach and derived
by the \<^cc_term>\<open>base_component\<close> @{cc_term (unchecked)\<open>evaluator\<close>} from the full \<^cc_term>\<open>ETR\<close>
for the evaluated \<^cc_term>\<open>base_component\<close>\<close>
Definition*[evaluator]
\<open>individual assigned to perform evaluations in accordance with a given evaluation standard and
associated evaluation methodology\<close>
Definition*[EC, short_name="''exact conformance''"]
\<open>hierarchical relationship between a @{cc_term (unchecked)\<open>PP\<close>} or @{cc_term (unchecked)\<open>PP_configuration\<close>}
and a @{cc_term (unchecked)\<open>ST\<close>} where all the requirements in the ST are drawn only from the PP/PP- Configuration\<close>
Definition*[exploitable_vulnerability, short_name="''exploitable vulnerability''"]
\<open>weakness in the @{cc_term (unchecked)\<open>TOE\<close>} that can be used to violate the @{cc_term (unchecked)\<open>SFR\<close>}s
in the @{cc_term (unchecked)\<open>operational_environment\<close>} for the @{cc_term (unchecked)\<open>TOE\<close>}\<close>
Definition*[extended_security_requirement, short_name="''extended security requirement''"]
\<open>security requirement developed according to the rules in this document,
but which are not listed in any part of the CC\<close>
Definition*[user, short_name="''external entity''"]
\<open>human technical system or one of its components interacting with the @{cc_term (unchecked)\<open>TOE\<close>}
from outside of the TOE boundary\<close>
Definition*[family]
\<open>〈taxonomy〉 set of components that shares a similar goal but differs in emphasis or rigour\<close>
Definition*[FP, short_name="''functional package''"]
\<open>named set of @{cc_term (unchecked)\<open>SFR\<close>}s that may be accompanied by a @{cc_term (unchecked)\<open>SPD\<close>}
and @{cc_term (unchecked)\<open>SO\<close>}s derived from that SPD
\<close>
declare_reference*[multi_assurance_evaluation::cc_term]
Definition*[global_AP, short_name="''global assurance package''"]
\<open>\<^cc_term>\<open>AP\<close> that applies to the entire @{cc_term (unchecked)\<open>TOE\<close>} in a
@{cc_term (unchecked)\<open>multi_assurance_evaluation\<close>}\<close>
Definition*[guidance_documentation, short_name="''guidance documentation''"]
\<open>documentation that describes the delivery, preparation, operation, management and/or use of the @{cc_term (unchecked)\<open>TOE\<close>}\<close>
declare_reference*[refinement::cc_term]
Definition*[implementation_representation, short_name="''implementation representation''"]
\<open>least abstract representation of the @{cc_term (unchecked)\<open>TSF\<close>}, specifically the one
that is used to create the TSF itself without further design @{cc_term (unchecked)\<open>refinement\<close>}\<close>
Definition*[internally_consistent, short_name="''internally consistent''"]
\<open>no apparent contradictions exist between any aspects of an \<^cc_term>\<open>entity\<close>\<close>
Definition*[interpretation_cc, short_name="''interpretation''"]
\<open>clarification or amplification of a standard or an \<^cc_term>\<open>evaluation_scheme\<close> requirement\<close>
Definition*[iteration]
\<open>use of the same \<^cc_term>\<open>component\<close> to express two or more distinct requirements\<close>
Definition*[layering]
\<open>design technique where separate groups of components are hierarchically organized to have separate
responsibilities such that a group of components depends on groups of components below it in
the hierarchy for services, and provides its services to the groups of components above it\<close>
Definition*[module_cc, short_name="''module''"]
\<open>architectural unit specified at a level suitable for implementation of the unit\<close>
Definition*[multi_assurance_evaluation, short_name="''multi-assurance evaluation''"]
\<open>evaluation of a @{cc_term (unchecked)\<open>TOE\<close>} using a @{cc_term (unchecked)\<open>PP_configuration\<close>}
where each PP- Configuration component is associated with its own set of assurance requirements\<close>
Definition*[object]
\<open>\<^cc_term>\<open>entity\<close>in the @{cc_term (unchecked)\<open>TOE\<close>} that contains or receives information, and
upon which subjects perform operations\<close>
Definition*[operation]
\<open>〈on an \<^cc_term>\<open>object\<close>〉 specific type of \<^cc_term>\<open>action\<close> performed by a subject on an object
\<close>
Definition*[operational_environment, short_name="''operational environment''"]
\<open>environment in which the @{cc_term (unchecked)\<open>TOE\<close>} is operated, consisting of everything
that is outside the TOE boundary\<close>
Definition*[optional_SFR, short_name="''optional Security Functional Requirement''"]
\<open>@{cc_term (unchecked)\<open>SFR\<close>} in a @{cc_term (unchecked)\<open>PP\<close>}, @{cc_term (unchecked)\<open>FP\<close>}, or
@{cc_term (unchecked)\<open>PP_module\<close>} that contributes to a stated aspect of the PPs security problem
description but whose inclusion in a conformant PPs or @{cc_term (unchecked)\<open>ST\<close>} list of
SFRs is not mandatory\<close>
Definition*[OSP, short_name="''organizational security policy''"]
\<open>set of security rules, procedures, or guidelines for an organization\<close>
Definition*[overall_verdict, short_name="''overall verdict''"]
\<open>statement issued by an \<^cc_term>\<open>evaluator\<close> with respect to the result of an \<^cc_term>\<open>evaluation\<close>\<close>
Definition*[potential_vulnerability, short_name="''potential vulnerability''"]
\<open>suspected, but not confirmed, weakness
\<close>
Definition*[PP, short_name="''Protection Profile''"]
\<open>implementation-independent statement of security needs for a @{cc_term (unchecked)\<open>TOE\<close>} type\<close>
Definition*[PP_configuration, short_name="''Protection Profile Configuration''"]
\<open>implementation-independent statement of security needs for a @{cc_term (unchecked)\<open>TOE\<close>} type
containing at least one \<^cc_term>\<open>PP\<close> and an additional non-empty set of @{cc_term (unchecked)\<open>PP_module\<close>}
(with the associated PP-Modules Bases)\<close>
Definition*[PP_configuration_component, short_name="''Protection Profile Configuration component''"]
\<open>\<^cc_term>\<open>PP\<close> or @{cc_term (unchecked)\<open>PP_module\<close>} included in a \<^cc_term>\<open>PP_configuration\<close>\<close>
Definition*[PP_module, short_name="''Protection Profile module''"]
\<open>implementation-independent statement of security needs for a @{cc_term (unchecked)\<open>TOE\<close>} type
complementary to one or more base \<^cc_term>\<open>PP\<close> and possibly some \<^cc_term>\<open>base_PP_module\<close>\<close>
Definition*[PP_module_base, short_name="''Protection Profile Module Base''"]
\<open>set of either \<^cc_term>\<open>PP_module\<close> or \<^cc_term>\<open>PP\<close> or both, specified by a PP- Module as a basis
for building a \<^cc_term>\<open>PP_configuration\<close>\<close>
Definition*[refinement]
\<open>addition of details to a security component\<close>
Definition*[residual_vulnerability, short_name="''residual vulnerability''"]
\<open>weakness that cannot be exploited in the \<^cc_term>\<open>operational_environment\<close> for the
@{cc_term (unchecked)\<open>TOE\<close>}, but that can be used to violate the @{cc_term (unchecked)\<open>SFR\<close>}s by
an attacker with greater \<^cc_term>\<open>attack_potential\<close> than is anticipated in the operational
environment for the TOE\<close>
Definition*[role]
\<open>pre-defined set of rules establishing the allowed interactions between a user and the @{cc_term (unchecked)\<open>TOE\<close>}\<close>
Definition*[SAR, short_name="''security assurance requirement''"]
\<open>security requirement that refers to the conditions and processes for the development and delivery
of the @{cc_term (unchecked)\<open>TOE\<close>}, and the \<^cc_term>\<open>action\<close>s required of \<^cc_term>\<open>evaluator\<close>s
with respect to evidence produced from these conditions and processes
\<close>
Definition*[security_attribute, short_name="''security attribute''"]
\<open>property of subjects, users, objects, information, sessions and/or resources that is used in
defining the @{cc_term (unchecked)\<open>SFR\<close>}s and whose values are used in enforcing the SFRs
\<close>
Definition*[SFR, short_name="''security functional requirement''"]
\<open>security requirement, which contributes to fulfil the @{cc_term (unchecked)\<open>TOE\<close>}
@{cc_term (unchecked)\<open>SPD\<close>} as defined in a specific @{cc_term (unchecked)\<open>ST\<close>} or in a \<^cc_term>\<open>PP\<close>\<close>
Definition*[SO, short_name="''security objective''"]
\<open>statement of an intent to \<^cc_term>\<open>counter\<close> identified threats and/or satisfy identified
organization security policies and/or assumptions\<close>
Definition*[SPD, short_name="''security problem definition''"]
\<open>statement, which in a formal manner defines the nature and scope of the security that the
@{cc_term (unchecked)\<open>TOE\<close>} is intended to address\<close>
Definition*[SR, short_name="''security requirement''"]
\<open>requirement, which is part of a @{cc_term (unchecked)\<open>TOE\<close>} security specification as defined
in a specific @{cc_term (unchecked)\<open>ST\<close>} or in a \<^cc_term>\<open>PP\<close>\<close>
Definition*[ST, short_name="''Security Target''"]
\<open>implementation-dependent statement of security requirements for a @{cc_term (unchecked)\<open>TOE\<close>}
based on a \<^cc_term>\<open>SPD\<close>\<close>
Definition*[selection]
\<open>specification of one or more items from a list in a component\<close>
Definition*[selection_based_SFR, short_name="''selection-based security functional requirement''"]
\<open>\<^cc_term>\<open>SFR\<close>s in a \<^cc_term>\<open>PP\<close>, \<^cc_term>\<open>PP_module\<close>, or \<^cc_term>\<open>FP\<close> that contributes to a state
aspect of the PPs, PP-Modules or functional packages \<^cc_term>\<open>SPD\<close> that is to be included
in a conformant PP or ST if a selection choice identified in the PP/PP-Module/functional package
indicates that it has an associated selection-based SFR\<close>
Definition*[single_assurance_evaluation, short_name="''single-assurance evaluation''"]
\<open>evaluation of a @{cc_term (unchecked)\<open>TOE\<close>} using one set of assurance requirements\<close>
Definition*[SC, short_name="''strict conformance''"]
\<open>hierarchical relationship between a \<^cc_term>\<open>PP\<close> and a PP/\<^cc_term>\<open>PP\<close> where all the requirements
in the PP also exist in the PP/ST\<close>
Definition*[sub_TSF, short_name="''sub-TOE security functionality''"]
\<open>combined functionality of all hardware, software, and firmware of a @{cc_term (unchecked)\<open>TOE\<close>}
that is relied upon for the correct enforcement of the \<^cc_term>\<open>SFR\<close>s defined in one
\<^cc_term>\<open>PP_configuration\<close> component\<close>
Definition*[subject]
\<open>\<^cc_term>\<open>entity\<close> in the @{cc_term (unchecked)\<open>TOE\<close>} that performs operations on objects\<close>
Definition*[tailoring]
\<open>addition of one or more functional requirements to a \<^cc_term>\<open>FP\<close>, and/or the addition of one or
more selections to a \<^cc_term>\<open>SFR\<close> in a functional package\<close>
Definition*[TOE, short_name="''target of evaluation''"]
\<open>set of software, firmware and/or hardware possibly accompanied by guidance, which is the subject of an evaluation\<close>
Definition*[threat_agent, short_name="''threat agent''"]
\<open>\<^cc_term>\<open>entity\<close> that has potential to exercise \<^cc_term>\<open>adverse_action\<close> on \<^cc_term>\<open>asset\<close>s
protected by the \<^cc_term>\<open>TOE\<close>\<close>
Definition*[TSF, short_name="''TOE security functionality''"]
\<open>combined functionality of all hardware, software, and firmware of a \<^cc_term>\<open>TOE\<close> that is relied
upon for the correct enforcement of the \<^cc_term>\<open>SFR\<close>s\<close>
Definition*[TOE_type, short_name="''TOE type''"]
\<open>set of characteristics common to a group of \<^cc_term>\<open>TOE\<close>\<close>
Definition*[translation]
\<open>process of describing security requirements in a standardized language\<close>
Definition*[vulnerability]
\<open>weakness in the \<^cc_term>\<open>TOE\<close> that can be used to violate the \<^cc_term>\<open>SFR\<close>s in some environment\<close>
Definition*[DPA, short_name="''differential power analysis''"]
\<open>\<close>
Definition*[DRBG, short_name="''deterministic random bit generator''"]
\<open>\<close>
Definition*[ES, short_name="''electromagnetic spectrum''"]
\<open>\<close>
Definition*[GAP, short_name="''global assurance package''"]
\<open>\<close>
Definition*[GB, short_name="''gygabyte''"]
\<open>\<close>
Definition*[GHz, short_name="''gigahertz''"]
\<open>\<close>
Definition*[GUI, short_name="''graphical user interface''"]
\<open>\<close>
end
Reference in New Issue View Git Blame Copy Permalink