Re: Where can we use Information flow control policy (FDP_IFC/IFF)?
Thanks Andrew.
Yes, the example is very similar to what a firewall does.
I too think that FDP_IFC/IFF could be the functions to express the
requirement.
But, I'm not sure yet.
I have some more comments as follows.
The firewall (NetScreen) is a monolithic security product.
It has a clear, distinct threat T.MEDIAT that says: an unauthorized person may
send impermissible information flow the TOE, which results in the
exploitation of resources on the intended network.
In such a context I have no questions about using FDP_IFC/IFF.
However, when we think about general application products and write those
STs, we need to identify the security functions in the code apart from the
application codes. Could the input data validation be a security function,
not an application function? Is it appropriate to express the requirement
using FDP_IFC/IFF?
Now, think about the extreme case. That is: all input message fields are
validated by the correct range of values for each field. Then, if we use
FDP_IFC/IFF, does this mean that all the input fields are to be specified as
security attributes? Does this mean that all the input data is considered as
TSF data, not considered as user data? Isn't this funny?
Regards,
Yokota
----- Original Message -----
From: "Andrew Teklemariam" <andrewt@neoscale.com>
To: "Multiple recipients of list" <cc-cmt@nist.gov>
Sent: Friday, June 20, 2003 1:37 AM
Subject: RE: Where can we use Information flow control policy (FDP_IFC/IFF)?
>
>
>
> ..stuff deleted
>
> >Additionally, my concern around this is:
> >when FDP_IFC/IFF are used for filtering input messages by checking values on
> >the particular input-field, could this be an appropriate use of FDP_IFC/IFF
> >as security function requirements?
> >I'm wondering if this use is nothing more than just an input data validation
> >check and it might be an application function, not a security function.
> >Although, I'm thinking, this could be an accepted use of FDP_IFC/IFF.
> >What do you think about this?
> >
> >Thanks a lot for your time and assistance.
> > Yokota
>
> An example of FDP_IFC, FDP_IFF use is what a firewall does. See
> NetScreen's ST. Hopefully, that will give you a good idea.
> -andrew
>
>