Re: SFRs - Requirement Specification or Implementation Description?
- Subject: Re: SFRs - Requirement Specification or Implementation Description?
- From: Tom Benkart <tom.benkart@consulting-cc.com>
- Date: Thu, 30 Nov 2006 11:19:51 -0500

I agree with your view - this has been an accepted position in multiple
evaluations that I've been involved with.

If starting/stopping the TOE is equivalent to starting/stopping the audit
function and an audit is generated for those events, then the requirement
is satisfied. There is no requirement that a separate management
operation for starting/stopping the audit function be available.

If an explicitly stated variant of FAU_GEN is used, another possible
issue is introduced - is the dependency on FAU_GEN from other SFRs
satisfied?

Tom

At 01:54 PM 11/29/2006, you wrote:

What is the purpose of Security Functional Requirements (SFRs) in a
Security Target? Are they
intended to specify what security functionality is to be provided by the
TOE, or to specify the security functionality the TOE implements?

This question is raised as the result of a recent validator comment. The
ST claims FAU_GEN.1 and the TSS explains that the TOE satisfies the
aspect of the requirement to audit startup and shutdown of the audit
function because auditing is always enabled – when the TOE starts up, an
audit record of TOE startup is generated, which indicates the startup of
the audit function (and, similarly, the TOE generates an audit record
that it is shutting down, indicating shutdown of the audit function). To
my knowledge, and in my own experience, this reasoning has always been
acceptable for justifying that a TOE satisfies this aspect of FAU_GEN.1.
The validator, however, insists that the ST must explicitly state its
audit requirement because it clearly does not audit startup and shutdown
of the audit function (because the TOE does not provide a capability to
turn the audit function on and off).

I am interested in other people’s views about this.

Anthony J. Apted
Lead Evaluator/Senior System Security Engineer
SAIC CCTL
Ph: (410) 953-6837
Fx: (410) 953-7001

Tom Benkart
Common Criteria Consulting LLC
work: 301-570-9308
cell: 240-401-1173
tom.benkart@consulting-cc.com