RE: Categorisation of SFRs for the TOE and for the IT environment
- Subject: RE: Categorisation of SFRs for the TOE and for the IT environment
- From: RJBotto@missi.ncsc.mil
- Date: Fri, 2 Apr 2004 10:24:24 -0500
- Content-Type: text/plain; charset="iso-8859-1"
As Daniel notes, the US will allow Objectives (and SFRs, if they've been
specified) for the Environment to be met by the TOE, but not the other way
round. PP authors are usually consulted if there is ever any doubt whether
they would accept Environment objectives to be met by the TOE. And we tell
PP authors that if they do not want this to happen, they should add an
explicit statement that the Environment objective is NOT to be met by the
TOE, but I don't know if that has ever been done. I do recall at least one
case where the PP author has done the opposite: added a statement after an
Objective that explicitly allows the TOE to meet it (but I cannot remember
which right now).
But Dirk-Jan is correct that the words of v2.1 separate the world into TOE
and Environment, with no middle ground; v2.1 has no construct to convey
conditionals or inclusive-ORs in allocating SFRs and Objectives.
~~Ron.
-----Original Message-----
From: Daniel P. Faigin [mailto:faigin@solarium.aero.org]
Sent: Friday, April 02, 2004 9:43 AM
To: Multiple recipients of list
Subject: Re: Categorisation of SFRs for the TOE and for the IT
environment
On Fri, 2 Apr 2004 02:48:32 -0500 (EST), "Dr.Ir. D.J. Out"
<out@itsef.tno.nl>
said:
> I think that formally, in CCv2.1 you cannot create a PP that has
> objectives or SFRs that can be assigned to the TOE or the environment in
> the ST.
Actually, if you assign an objective to the IT Environment, it can be met by
the TOE. If you assign an objective to the TOE, it MUST be met by the TOE.
Daniel
Date Index |
Thread Index |
Problems or questions? Contact list-master@nist.gov