Assurance measures: AGD (that fabulous manual we like to have but hate to write)
Hi!
AGD_ADM.1 Administrator guidance (all EALs)
AGD_ADM.1.1D The developer shall provide administrator guidance
addressed to system administrative personnel.
(This is man 8, and the various administrators' guides
and HOWTOs. We do have it in most cases. Thanks to the
LDP project and the numerous people who have written it.)
AGD_ADM.1.1C The administrator guidance shall describe the
administrative functions and interfaces available to the
administrator of the TOE.
(It works in most cases. The GNU coding standards mandate
that even the --help option should do its essentials.)
AGD_ADM.1.2C The administrator guidance shall describe how to administer
the TOE in a secure manner.
(Well, there docs where you can find warnings about security,
and unfortunately there are the ones which describe insecure
practices.)
AGD_ADM.1.3C The administrator guidance shall contain warnings about
functions and privileges that should be controlled in a secure
processing environment.
(See above)
AGD_ADM.1.4C The administrator guidance shall describe all assumptions
regarding user behaviour that are relevant to secure operation
of the TOE.
(These assumptions are not made explicit in a lot of cases,
and because that they do not get into the admin guide.)
AGD_ADM.1.5C The administrator guidance shall describe all security
parameters under the control of the administrator,
indicating secure values as appropriate.
(Where we have admin guide, the parameters are described
in most cases, but there are indication only in a few
spots.)
AGD_ADM.1.6C The administrator guidance shall describe each type of
security-relevant event relative to the administrative
functions that need to be performed, including changing the
security characteristics of entities under the control of the
TSF.
(It is also a grey spot in a lot of cases.)
AGD_ADM.1.7C The administrator guidance shall be consistent with all
other documentation supplied for evaluation.
(Well, being up-to-date is a great challenge with free
software. From that perspectiveit works with a surprisingly
high percentage of packages.)
AGD_ADM.1.8C The administrator guidance shall describe all security
requirements for the IT environment that are relevant to the
administrator.
(It is nearly the same case as the assumptions about user
behaviour.)
AGD_USR.1 User guidance (all EALs)
AGD_USR.1.1D The developer shall provide user guidance.
(manpages, user guides, howtos. See AGD_ADM.1.1D)
AGD_USR.1.1C The user guidance shall describe the functions and
interfaces available to the non-administrative users of the TOE.
(It exists in most cases. See AGD_ADM.1.1C)
AGD_USR.1.2C The user guidance shall describe the use of
user-accessible security functions provided by the TOE.
(It is okay more often than not.)
AGD_USR.1.3C The user guidance shall contain warnings about
user-accessible functions and privileges that should be
controlled in a secure processing environment.
(Well, sometimes they do, sometimes don't.)
AGD_USR.1.4C The user guidance shall clearly present all user
responsibilities necessary for secure operation of the TOE,
including those related to assumptions regarding user behaviour
found in the statement of TOE security environment.
(I guess that there are only a few cases where these
statements exists, and only a bit more where the
responsibilities are described.)
AGD_USR.1.5C The user guidance shall be consistent with all other
documentation supplied for evaluation.
(See AGD_ADM.1.7C)
AGD_USR.1.6C The user guidance shall describe all security requirements
for the IT environment that are relevant to the user.
(See AGD_ADM.1.8C)
Reply to: