RE: PD-0091: Dependencies of Requirements on the IT Environment



On Wednesday, January 28 Dirk-Jan Out wrote:

> 
> This boils down to: you cannot generally use FPT_SEP in 
> unmodified form in a software-only TOE as the CC is currently written.
> 
> Work is ongoing in- and outside the CCIMB to rectify this. 
> But in v2.1 (and v2.2) you will be stuck with this.
> 

Note that the NSA/NIST Protection Profile Review Board (PPRB) "Protection
Profile (PP) Consistency Guidance for Basic Robustness" has a suggestion
for FPT_SEP in software-only TOEs:

FPT_SEP_EXP.1 The TSF shall maintain a security domain that protects it from
interference and tampering by untrusted subjects initiating actions through
its own TSFI.

FPT_SEP_EXP.2 The TSF shall enforce separation between the security domains
of subjects in the TOE Scope of Control.

I think that this together with I-0463 is consistent with what you're saying
here.

    Nir





