This document establishes computer security requirements for the Department of Defense (DoD) by identifying the minimum class of system required for a given risk index. The classes are those defined by CSC-STD-001-83, Department of Defense Trusted Computer System Evaluation Criteria (henceforth referred to as the criteria). A system's risk index is defined as the disparity between the minimum clearance or authorization of system users and the maximum sensitivity of data processed by the system.
Click Here to download this article