Re: wordings are not consistent in CCV3.1




Thanks John,

Objectivity and impartiality are the universal principles of evaluation.
For those principles, SFR(s) are the essential parts of the CC evaluation.

If it is hard to read SFR(s), it would be hard to write and evaluate the
rationales that demonstrate that the requirements are suitable to meet the
security objectives.
If it is hard to evaluate the rationales, objectivity of the evaluation
would be hard to achieve.
If it is hard to achieve the objectivity of the evaluation, impartiality of
the evaluation would also be hard to achieve.

I think interpretations of SFR(s) have been argued a lot since in the field
among ST writers, evaluators and validators.
I wish that continued effort be taken to upgrade the SFR(s), making them more
readable.

Regards,
Hirofumi Yokota

----- Original Message ----- 
From: "John Boone" <jboone@ashtonlabs.com>
To: "Multiple recipients of list" <cc-cmt@nist.gov>
Sent: Saturday, October 14, 2006 6:07 AM
Subject: RE: wordings are not consistent in CCV3.1


>
> Hi,
>
> I'm not jumping in on one side or the other of the wording arguments, but I
> thought I could add something that might clarify the (original) need for
> this type of phrase in the CC. It might help explain the intended semantics
> ..
>
> I think these phrases support the concept that a TOE might apply a policy to
> a "subset" of objects or subjects. E.g., access control for file system
> objects, but not printer buffers. Hence, these SFRs had to qualify
> everything, to point to the objects (for instance) that were within scope.
>
> Again, not arguing either side of doing it this way ... and not addressing
> the consistency issues ...
>
> -John
>
> [...]
> > > CC(V3.1) Part2.
> > >
> > > 1. "covered by the SFP" --- P57  FDP_ACC.1.1
> > > 2. "controlled under the SFP" --- P73 FDP_ITC.1.1
> > > 3. "controlled by the SFP(s)" --- P76 FDP_ITT.2.2
> > > 4. "controlled by the TSF" --- P82 FDP_SDI.1.1
> > >
> > > Are they all the same?
> [...]
>
>
>
>
