Closed DoomDragoon closed 9 months ago
So far so good. I'm glad you called out input validation because I was having a blank moment earlier when I tried to reference that control for my diagram as well. The only item I would add is attend a context number (CT#) to the item on your diagram.
@DoomDragoon I would suggest revising your Top Level Claim. "The database is secure", to me, assumes full, impenetrable security which is not possible in a risk/cost analysis. I would revise the wording to be similar to "The database has sufficient protections", "is sufficiently secure", or something of that sort.
Little bit of progress but still working things out
I like where you're going with this. Will you put a rebuttal under sub-claim2 or evidence? Seems like you could really go either way if you have a rebuttal to add there.
Working on encryption next
I think this is pretty close to my final.
Fixed notation errors
I think this is my final
First draft, just wanted to get it out there so people can see some progress.![Assurance Claim Diagram](https://github.com/Deeds101/CYBR8420-project/assets/107895832/8d940df5-c7c6-4ef4-be79-176bb765a4f7)