Re: Interpretation of FAU_SEL.1.1 and FAU_STG.4.1
- Subject: Re: Interpretation of FAU_SEL.1.1 and FAU_STG.4.1
- From: "YOKOTA HIROFUMI" <email@example.com>
- Date: Thu, 27 Jan 2005 13:40:12 +0900
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain; charset="iso-8859-1"
- References: <41C7D59B.26827.382ED7D@localhost>
"NIAP Interpretations Board" wrote on Wednesday, December 22, 2004:
> The NIB agrees to some extent; however, in this case an isolated question
> presented with no information regarding FAU_STG.1, Protected Audit Trail
> Storage, which is a dependency on FAU_STG.4. The NIB was assuming this
> dependency was applied to the TOE (in the absence of other information);
> was assuming it was met by the environment.
Does this mean that if an SFR-A depends on an SFR-B that is satisfied by the
IT environment then the SFR-A must also be moved to the IT environment?
We see, in many STs, that FPT_STM.1 is satisfied by the IT environment
(Hardware ), yet the FPT_SMT dependent FAU_GEN.1 is satisfied by the TOE.
I think NIB allows this.
> Lastly, the NIB notes that, in CC v2.1/v2.2, there is actually no specific
> requirement that states the TSF shall store the audit records, just as
> no requirement that the TSF shall authenticate users. These are implied
> requirements and demonstrate some of the problems in CC v2.1/v2.2.
> these will be corrected in v3.0.
I agree that "authenticate users" and "identifiy users" are provided as an
each isolated SFR.
But, "store the audit records"?
What security aspects could we find in the function?
I think, the existing FAU_STG.2.3(below) is sufficient to deal with the
function and to think about the security, isn't it?.
The TSF shall ensure that [assignment: metric for saving audit records]
audit records will be maintained when the following conditions occur:
[selection: audit storage exhaustion, failure, attack].
Date Index |
Thread Index |
Problems or questions? Contact firstname.lastname@example.org