Re: The reasons of SFP(s) enforcement are not consistent

Subject: Re: The reasons of SFP(s) enforcement are not consistent
From: "NIAP Interpretations Board" <faigin@aero.org>
Date: Thu, 31 Jul 2003 19:30:07 -0700
Content-description: Mail message body
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=US-ASCII
Priority: normal
Reply-to: cc-cmt@nist.gov


The NIB thanks Yokota for his continued attention to the CC and efforts to 
understand it.  

As with many attempts to define and categorize some arbitrary decisions have to 
be made.  The CC is no different.  It contains what may seem to be arbitrary 
divisions of requirements.  Since FDP_IFF and FDP_IFC are dependent upon each 
other (as are FDP_ACF and FDP_ACC), one could argue that the requirements in 
each of those pairs could be combined into a single requirement.  The NIB would 
not disagree.  However, the NIB believes it is worthwhile to preserve separate 
requirements, if only to emphasize the need for a policy and separate enforcing 
functions and the fact that the two need to be considered separately.  

That being said, the NIB can believe a PP or ST writer could justify having 
only the policy requirement if the enforcing functions were somehow included 
elsewhere.  Such a configuration would need a strong argument.

Prev by Date: Re: I-0433: Design Abstractions For Mechanical Mechanisms
Next by Date: Re: I-417: Association Of Information Flow Attributes W/Subjects And Information
Prev by thread: Re: How to express FMT_MTD.1 (Management of TSF data) requirement in the IT environment?
Next by thread: Re: Level of description on Security requirements for the IT environment

Date Index | Thread Index | Problems or questions? Contact list-master@nist.gov