
This is a work in progress


This template is intended to guide a project in writing the security documentation for its application.

It consists of multiple sections. An application's documentation would only include the sections that are appropriate.

Each section will have two portions:

  • Security Expectations:

What the user can and cannot expect in terms of security from the software produced by the project, that is, the security requirements that the software is intended to meet. It may include pointers into the project's architecture document.

  • Security Assurances:

This gives a justification as to why the above security requirements are met. The assurance case MUST include: a description of the threat model, clear identification of trust boundaries, an argument that secure design principles have been applied, and an argument that common implementation security weaknesses have been countered.


For applications that have incoming connections from external entities:


Security Expectations

Security Assurances







For applications that have outgoing connections to external entities:


Security Expectations

Security Assurances







For applications that have incoming connections from internal entities:


Security Expectations

Security Assurances







For applications that have outgoing connections to internal entities:


Security Expectations

Security Assurances







Application-specific considerations:


Security Expectations

Security Assurances