Part 6. Assurance

Contributed by Elisabeth Sullivan[1]

Security policies are assumed to be internally consistent and to reflect the requirements of the organization to which they apply. Similarly, security mechanisms are assumed to work correctly and to perform the functions for which they are intended. These critical aspects of trustworthiness are commonly glossed over because they are difficult to quantify or analyze. However, they speak directly to the assumptions on which all security policies and mechanisms rest. Part 6 explores the concepts and methodologies of assurance and describes the options available for receiving an evaluation of the level of trust that the assurance can provide in the system.

Chapter 18, “Introduction to Assurance,” ...

Get Computer Security: Art and Science now with the O’Reilly learning platform.