FDP_ITT.4 Attribute-based integrity monitoring



Hi,

Considering the meaning and the symmetry with FDP_ITT.1 and FDP_ITT.2, I
think that FDP_ITT.4 should be changed as follows.

-------------------------------------
[current]

FDP_ITT.4.1 The TSF shall enforce the [assignment: access control SFP(s)
and/or information flow control SFP(s)] to monitor user data transmitted
between physically-separated parts of the TOE for the following errors:
[assignment: integrity errors], based on the following attributes:
[assignment: security attributes that require separate transmission
channels].

FDP_ITT.4.2 Upon detection of a data integrity error, the TSF shall
[assignment: specify the action to be taken upon integrity error].

-------------------------------------
[suggested change]

FDP_ITT.4.1 The TSF shall enforce the [assignment: access control SFP(s)
and/or information flow control SFP(s)] to monitor user data transmitted
between physically-separated parts of the TOE for the following errors:
[assignment: integrity errors].

FDP_ITT.4.2 The TSF shall separate data controlled by the SFP(s) when
transmitted between physically-separated parts of the TOE, based on the
following attributes: [assignment: security attributes that require separate
transmission channels].

FDP_ITT.4.3 Upon detection of a data integrity error, the TSF shall
[assignment: specify the action to be taken upon integrity error].
--------------------------------------

It is not clear what is being attempted based on the attributes in the
current statement.
I suggest making it clear that it is to separate data ......, as is
written in FDP_ITT.2.2.
Am I wrong?

Regards,
Hirofumi Yokota



