[redhat-lspp] Mapping tests to security functions
Klaus Heinrich Kiwi
klausk at linux.vnet.ibm.com
Wed Jan 16 12:56:35 UTC 2008
On Mon, 2008-01-14 at 10:40 +0100, Giovannini Pietro (Student
CompScience2001) wrote:
> How is it done the mapping between tests(e.g. LTP) and security functions?
> I'm wondering how the tests are selected and associated to the security functions, how is generated the test plan, is it all made by hand or exists any support for it?
The Test Plan doesn't map security functions to testcases, it's just
meant to act as a guide for test execution and how to collect results.
The security functions/requirements to testcase mapping done manually
(although we do populate the syscall list through a script) and you will
find it in the FSP mapping document bundled with the package
under /lspp/documents/fs/FSPmap-RHEL5-LSPP-EAL4-v3.14.ods
You'll need to read this document in parallel with the Security Target
(/lspp/documents/ST/RedHat_LSPP_RBAC_security_target_eal4-v1.12-nocb.pdf) so you can map the requirements from each ProtectionPprofile to the codes used across the documents.
-Klaus
--
Klaus Heinrich Kiwi
Security Development - IBM Linux Technology Center
More information about the redhat-lspp
mailing list