In this chapter, you will
• Learn how policy can be decomposed into security requirements
• Examine the specifics of confidentiality, integrity, and availability requirements
• Explore authentication, authorization, and auditing requirements
• Explore the connection between audit and security requirements
Policy decomposition involves the mapping of high-level policy statements into lower-level policies, a process that can be repeated until the policies are implementable. Policy is a term that can have several meanings, ...