On Mon, 2008-01-14 at 10:40 +0100, Giovannini Pietro (Student CompScience2001) wrote: > How is it done the mapping between tests(e.g. LTP) and security functions? > I'm wondering how the tests are selected and associated to the security > functions, how is generated the test plan, is it all made by hand or exists > any support for it?
The Test Plan doesn't map security functions to testcases, it's just meant to act as a guide for test execution and how to collect results. The security functions/requirements to testcase mapping done manually (although we do populate the syscall list through a script) and you will find it in the FSP mapping document bundled with the package under /lspp/documents/fs/FSPmap-RHEL5-LSPP-EAL4-v3.14.ods You'll need to read this document in parallel with the Security Target (/lspp/documents/ST/RedHat_LSPP_RBAC_security_target_eal4-v1.12-nocb.pdf) so you can map the requirements from each ProtectionPprofile to the codes used across the documents. -Klaus -- Klaus Heinrich Kiwi Security Development - IBM Linux Technology Center -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
