Previous Next Functional Tool Requirements Homepage  
3.5 Service Complex: Security  
SSEC01 - General Security Principles  

  LSIC01 - Allgemeine Sicherheitsprinzipien

Contents  
  • 1 Allocation to V-Model and Methods Allocation
  • 2 Brief Characteristics
  • 3 Requirements
  •       3.1 Requirements for Interfaces
  •       3.2 Requirements for the Methods Support
  •       3.3 Requirements for Functions
  •       3.4 Other Requirements

    • 1 Allocation to V-Model and Methods Allocation

    not applicable

    2 Brief Characteristics

    This service unit describes the general principles covered by the service complex "security". For the most part, these general requirements (secondary requirements) are deduced from the (primary) security requirements of all the other service units of the service complex "security".
    Secondary requirements guarantee the protection of the security mechanisms and therefore are indispensable for achieving the required security.

    3 Requirements

    3.1 Requirements for Interfaces

    none

    3.2 Requirements for the Methods Support

    none

    3.3 Requirements for Functions

    SSEC01.F.1 Derived security requirements
    SSEC01.F.1.1 Not to be bypassed The security mechanisms are integrated in the entire system in a way that it is not possible to bypass them.
    SSEC01.F.1.2 Not to be deactivated There is no possibility for unprivileged users to deactivate the security mechanisms.
    SSEC01.F.1.3 Not to be deceived It is not possible to deceive the security mechanisms.
    SSEC01.F.1.4 Secure against manipulation It is not possible to manipulate the security mechanisms.
    SSEC01.F.1.5 Correctness The security mechanisms are structured and comprehensible in a way that complete analyses and extensive tests are possible.
    SSEC01.F.1.6 Separation The non-trustworthy components of the SDE are separated from the trustworthy ones in a way that it is not possible to perform or to influence security-relevant actions by them.
    SSEC01F.2 System-wide unique identification number of each object Every object possesses a unique identification number. The identification numbers are consecutive.
    By means of the identification number it is possible to discover the loss or the unauthorized re-feeding of an object.
    SSEC01.F.3 Logging The components of the SDE are able to transmit the data required for the recording of security-relevant events to the service unit SSEC04 "Auditing" or the code necessary for the recording has to be integrated in the corresponding trustworthy component.

    3.4 Other Requirements

    none

    Previous Next GDPA Online Last Updated 01.Jan.2002 Updated by Webmaster Last Revised 01.Jan.2002 Revised by Webmaster