John Barkley
There are several publications available which specify computer security functional requirements in the form of evaluation criteria for secure systems. Among these are the Trusted Computer System Evaluation Criteria (TCSEC or ``orange'' book), the Canadian Trusted Computer Product Evaluation Criteria (CTCPEC)[CTC93], and the Information Technology Security Evaluation Criteria (ITSEC). As implied by their names, the goal of these documents is to specify a standard set of criteria for evaluating the security capabilities of systems.
As described in sections 2.1 and 2.2, a goal of open system standards is to promote the portability and interoperability of applications. This Chapter explores the ways that functional requirement specifications for computer security and open system standards complement each other.