I-0409: Other Properties In FMT_MSA.3 Should Be Specified By Assignment
- Subject: I-0409: Other Properties In FMT_MSA.3 Should Be Specified By Assignment
- From: "Interpretations Working Group" <ccevs-nib@nist.gov>
- Date: Mon, 17 Sep 2001 09:04:01 -0700
- Content-type: Multipart/Mixed; boundary=Message-Boundary-14187
- Priority: normal
[The following is the ASCII version of the proposal. A pretty-printed PDF
version is attached.]
[NOTE: This proposal may reflect minor changes from the previous public
review version. However, there have been no substantive changes to
either the statement of interpretation or the specific changes since the
previous public review version.]
The following is a proposal for a NIAP Interpretation of a Common
Criteria document that has been approved by the IWG and is being
submitted to CCEVS management for approval. It is being posted for
informational purposes.
CCITSE/CEM NIAP INTERPRETATION (PROPOSED)
_________________________________________________________________
I-0409: Other Properties In FMT_MSA.3 Should Be Specified By Assignment
_________________________________________________________________
TYPE: NIAP Interpretation
NUMBER: I-0409
STATUS: Ready to Prepare for Management/CCIMB
TITLE: Other Properties In FMT_MSA.3 Should Be Specified By
Assignment
PREVIOUS POSTING: [cc-cmt 00060]
SOURCE REFERENCE: CC v2.1 Part 2 Subclause 8.2 FMT_MSA.3
CC v2.1 Part 2 Subclause H.2 FMT_MSA.3
RELATED TO: <None>
ISSUE:
The normal CC paradigm is to have PP/ST authors specify "other"
information through assignment. This element is an anomaly; the Part 2
annex explicitly calls out the use of refinement to specify the other
property.
STATEMENT
In FMT_MSA.3.1, the selection of "other property" for the default
values is specified by assignment.
SPECIFIC INTERPRETATION
To address this interpretation, the following changes are made to CC
v2.1 Part 2 (additions marked _thusly_; deletions marked _[DEL:_
thusly _:DEL]_ ):
* FMT_MSA.3 is relabeled as FMT_MSA.3-NIAP-0409. Unless otherwise
noted in these changes, all normative and informative material
associated with FMT_MSA.3 is incorporated unchanged into
FMT_MSA.3-NIAP-0409, and all references to FMT_MSA.3 in the CC,
CEM, or other Common Criteria documentation is changed to refer to
FMT_MSA.3-NIAP-0409.
* Subclause 8.2, FMT_MSA.3, element FMT_MSA.3.1 is modified as
follows:
FMT_MSA.3.1_-NIAP-0409_ The TSF shall enforce the [assignment:
access control SFP, information flow control SFP] to provide
[selection: restrictive, permissive, _[assignment:_ other
property_]_] default values for security attributes that are used
to enforce the SFP.
* Subclause H.2, FMT_MSA.3, Operations, is modified as follows:
Operations
Assignment:
In FMT_MSA.3.1_-NIAP-0409_,the PP/ST author should list the access
control SFP or the information flow control SFP for which the
security attributes are applicable.
Selection:
In FMT_MSA.3.1_-NIAP-0409_, the PP/ST author should select whether
the default property of the access control attribute will be
restrictive, permissive, or another property. _[DEL:_ In case of
another property, the PP/ST author should refine this to a specific
property. _:DEL]_
_Assignment:_
_In FMT_SMA.3.1-NIAP-0409, if the PP/ST author selects another
property, the PP/ST author should specify the desired
characteristics of the default values._
Assignment:
In FMT_MSA.3.2 the PP/ST author should specify the roles that are
allowed to modify the values of the security attributes. The
possible roles are specified in FMT_SMR.1.
PROJECTED IMPACT:
Negligible impact anticipated.
SUPPORT:
In the Common Criteria, when arbitrary information is added, this is
typically done through the assignment operation. Refinement is used in
those cases where additional implementation detail is provided. This
particular issue appears to be due to a case where the CC authors
mistakenly used refinement instead of assignment, probably to avoid
embedding an assignment within a selection. This interpretation
corrects the error by making the assignment explicit.
0409-pub.pdf
Date Index |
Thread Index |
Problems or questions? Contact list-master@nist.gov