Assumption Categories

Identifier	Admin
Descriptive Name	Administrator assumptions
Description	This category of assumptions covers the motives, attitude, competence, and operations of System Administrator personnel.
Editorial	Category includes considerations of whether the administrator is hostile or nice, local or remote.
Subordinate Assumptions and Categories A.Auth_Sys_Admin - Authenticated administrators A.Remote_Admin - Remote adminstration AC.Admin_Attitude - System administrator attitudes AC.Admin_Motive - System administrator motives
Identifier	Admin_Attitude
Descriptive Name	System administrator attitudes
Description	This category of assumptions covers the attitudes of System Administrators.
Editorial
Subordinate Assumptions and Categories A.Admin_Errors - Potential for administrator errors A.Competent_Admin - Competent system administrators A.No_Abuse_By_Admin - No abusive system administrators A.Poor_Trained_Admin - Untrained system administrators
Identifier	Admin_Motive
Descriptive Name	System administrator motives
Description	This category of assumptions covers the motives of System Administrators.
Editorial
Subordinate Assumptions and Categories A.Hostile_Sys_Admin - Hostile system administrators A.Negligent_Admin - Negligent system administrators A.Well_Behaved_Admin - Well behaved system administrators
Identifier	Communications
Descriptive Name	Communications assumptions
Description	This category of assumptions covers communications to and from the TOE.
Editorial	May be used to include or exclude threats by remote threat agents.
Subordinate Assumptions and Categories A.Acc_to_Comms - Physical protection of communications A.Eavesdrop_by_Out - Eavesdropping by outsiders A.Peer - Connectivity to other systems
Identifier	Data
Descriptive Name	Assumed protection
Description	This category of assumptions covers the protection of security-relevant data.
Editorial
Subordinate Assumptions and Categories A.Acc_Ovrwrit_SysData - Corruption of system data A.Access_to_Passwords - User access to passwords A.Admin_Cor_Usr_Data - Corruption of data in transit
Identifier	Physical
Descriptive Name	Physical security assumptions
Description	This category of assumptions covers the physical protection of the facility and the TOE.
Editorial	Helps identify threat agents, helps determine which threats are countered by the environment.
Subordinate Assumptions and Categories A.Phys_Acs_to_Out - Physical access A.Prot_Against_Nature - Natural disaster protection A.Prot_Agnst_Pwr_Fail - Power failure protection A.Prot_of_Comm - Communications protection A.Protect_From_Out - TOE protection from outsiders
Identifier	Procedures
Descriptive Name	Procedural security
Description	This category of assumptions covers procedures to ensure the proper administration of the TOE.
Editorial
Subordinate Assumptions and Categories A.Admin_Docs - Documentation for administrators A.Admin_Virus_Check - Virus checking procedures A.Dispose_User_Data - Disposal of user data A.Password_Management - Password management promoting user compliance A.Review_Audit_Log - Administrators review audit logs
Identifier	Root
Descriptive Name	Assumptions of secure operations
Description	Various Assumptions about the operating environment.
Editorial	This assumption contains all assumption categories explicitly and thus implicitly all assumptions. In the corresponding links table, Root is not explicitly linked to individual assumptions.
Subordinate Assumptions and Categories AC.Admin - Administrator assumptions AC.Communications - Communications assumptions AC.Data - Assumed protection AC.Physical - Physical security assumptions AC.Procedures - Procedural security AC.User - User assumptions
Identifier	User
Descriptive Name	User assumptions
Description	This category of assumptions covers the motives, attitude, and access of users.
Editorial	This category helps determine what kinds of users are there.
Subordinate Assumptions and Categories A.Coop_User - Cooperative users A.No_Bypass_Security - TOE-Environment separation A.Outsider_Hi - Expert threat agents A.Outsider_Low - Laymen threat agents A.Outsider_Med - Proficient threat agents A.Remote_Access - Remote users A.User_Access - User access A.User_Virus_Scan - Software virus scanning AC.User_Motive - User motives
Identifier	User_Motive
Descriptive Name	User motives
Description	This category of assumptions covers the motives of users.
Editorial
Subordinate Assumptions and Categories A.Hostile_User - Hostile users A.Trusted_User - Trusted users A.User_Mistakes - Mistakes by users