[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [CR-9-02-?-Disclosure*]
Dave wrote, > My concerns about all of the disclosure requirements, is that > I cannot see > how any piece of software could be tested for conformance. > In the case of > Blakely style, "SAM should support *restriction of* > disclosure of subject > security attributes, *based on a policy stated by the > subject*", how do I > write a conformance test that verifes: > o what are allowable and non-allowable restrictions? > o How do I test that an non-allowable restriction hasn't been made > o How do I verify that a subject has stated a policy? > o How can a subject state a policy > > I just don't know how to test any of these things. I interpret this requirement as saying the design must not prevent this. Without checking I believe we have other requirements that can not be tested directly. > Also, I don't know what a subject is. I know what > credentials, principals, > users and system entities are. Good catch. Let's change it to User. Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC