PD 0127: Compliance with IDS Analyzer PP Export Requirements



In response to a recent OD, the ODRB has issued the following PD:

TITLE

Compliance with IDS Analyzer PP Export Requirements

ISSUE

The Intrusion Detection System (IDS) Analyzer Protection Profile (PP) contains four requirements related to performing authentication and exporting TSF data to external IT entities: FIA_AFL.1, FPT_ITA.1, FPT_ITC.1, and FPT_ITI.1. If a TOE claiming compliance to this PP is a distributed product that is self-contained, in the sense that it neither allows nor supports access from external IT products, then these requirements do not apply to that TOE.

Can these non-applicable requirements be omitted from the ST? Can/should they be replaced with the requirement FPT_ITT.1 to protect the transmissions between the parts of the distributed TOE (as mentioned in PD-0097)?

RESOLUTION

Because this TOE does not export data to other trusted IT entities, the ST should state that the FPT_ITA.1, FPT_ITC.1, and FPT_ITI.1 requirements are not applicable (and, hence, trivially satisfied) because the TOE exports no data.

The FPT_ITT.1 requirement should be included in the ST and should address both confidentiality and integrity. Availability of data when transmitted among distributed parts of the TOE should also be addressed using explicitly stated requirement(s). Depending on the mechanism used to authenticate the data or the channel among distributed components of the TOE, FIA_AFL should also be addressed.

RATIONALE

As is the case with the IDS System PP (see PD-0097), this PP was written assuming a non-distributed architecture. However, distributed solutions are equally valid, but must be expressed using a different set of CC SFRs.
