Level of description on Security requirements for the IT environment

["YOKOTA HIROFUMI" <yokota-hirofumi@jqa.jp>]

In the Supplement(ASE),

we see the 'Security requirement for the IT environment' is removed.

 

I think, this is a good news for both ST authors and ST evaluators,

 

However, today, we are still under the CC ver 2.1. 

 

And, there is an inconsistency between CC and CEM about how to

 describe the security requirements for the IT environment.

 

CC part1 says ( see the excerpts below ):

 - The conditions of expression for security requirements shall be same

   for both the TOE and its IT environment.

 

On the other hand, 

 

CEM says ( see the excerpts below ):

 - The evaluator shall check that each TOE security functional requirement component

    that was drawn from Part2 that was reproduced in the ST, is correctly reproduced.

 - The evaluator shall check that security requirements for the IT environment are

    identified if appropriate.

 

*****

Now, question:

 

Looking at several evaluated STs, I see, they are mostly written in accordance with

 the CC part1 specification.

 

However, now, we knew that security requirement for the IT environment

 will be removed from the ST, in the future. 

 

Also, CEM appeares not strict for the expression of security requirements

 for the IT environment, not so as it does for the TOE. 

 

Then, would it be acceptable to describe security requirements for the IT environment

simply and briefly, say to put just part2/part3 componet labels with brief description,

 leaving out their operations.   

 

Regards,

   Yokota

 

------------------------------------------------------------------

CC/CEM excerpts:

 

CC part1 ( C.2.6 IT security requirements )

 

c) The following common conditions shall apply equally to the expression of security

 functional and assurance requirements for the TOE and its IT environment:

 

3) Any required operations shall be used to amplify the requirements to the level

 of detail necessary to demonstrate that the security objectives are met. All specified

 operations on the requirements components shall be performed. 

 

CEM (ASE_REQ.1-1):

 

The evaluator shall check the statement of TOE security functional requirements

 to determine that it identifies the TOE security functional requirements drawn from

 CC Part2 functional requirements components.

 

CEM (ASE_REQ.1-3):

 

The evaluator shall check that each TOE security functional requirement component

 that was drawn from Part2 that was reproduced in the ST, is correctly reproduced.

 

CEM (ASE_REQ.1-9):

 

The evaluator shall check that security requirements for the IT environment are

 identified if appropriate.

-------------------------------------------------------------------