Strength of function is
|“||an estimate of the effort required by an attacker to defeat a security feature in a product. . . .||”|
|“||[c]riterion expressing the minimum efforts assumed necessary to defeat the specified security behavior of an implemented security function by directly attacking its underlying security mechanisms.||”|
"Strength of function has as a prerequisite that assumes that the underlying security mechanisms are correctly implemented. The concept of strength of functions may be equally applied to services or other capability-based abstraction provided by security mechanisms."
- ↑ DoD Biometric Standards Development: Recommended Approach, at 19.
- ↑ NIST Special Publication 800-160, at B-13.
- ↑ Id.