© February 6, Novell Inc.
4
So what evidence can you show?
How about starting with a description of the environment?
Defines experimental context and assumptions
you need experimental controls, right?
Will you test to see if some security objectives are met?
what security policy? is the system responsible for all aspects of them, or is the environment responsible for some?
should you test to see which ones aren't met?
Do you know what the thing is supposed to do?
what does it touch?  what does it need to work?
Do you know what the thing is NOT supposed to do?
can you prove it won't?  How?