The University of SydneyPage 37Principle 5: Computer Security Depends on Two Types of Requirements: Functional and Assurance –Functional requirements–Describe what a system should do–Assurance requirements–Describe how functional requirements should be implemented and testedDoes the system do the right thingsin the right way?–Verification: The process of confirming that one or more predetermined requirements or specifications are met–Validation: A determination of the correctness or quality of the mechanisms used in meeting the needs