Trusted Database Management System. Interpretation of the Trusted Computer System Evaluation Criteria.

摘要

The National Computer Security Center is issuing the Trusted Database Management System Interpretation as part of the Technical Guidelines Program, through which we produce the Rainbow Series. In the Rainbow Series, we discuss in detail the features of the Trusted Computer System Evaluation Criteria (DoD 5200.28-STD) and provide guidance for meeting each requirement. The National Computer Security Center, through its Trusted Product Evaluation Program, analyzes the security features of commercially produced and supported computer systems. Together, these programs ensure that organizations are capable of protecting their important data with trusted computer systems. The Trusted Database Management System Interpretation extends the evaluation classes of the Trusted Computer System Evaluation Criteria to trusted applications in general, and database management systems in particular. It serves as an adjunct to the Trusted Computer System Evaluation Criteria by providing a technical context for the consideration of entire systems constructed of parts and by presenting database-specific interpretation of topics that require direct comment. Thus, it is relevant to applications which support sharing of computer services and resources, and which enforce access control policies. More specifically, it provides insight into the design, implementation, evaluation, and accreditation of database management systems.