![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
PD-0017: Parsing of APE_OBJ.1.3C
This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.
| Effective Date: | 2002-03-11 |
| Last Modified | 2006-08-02 |
Issue
The wording of APE_OBJ.1.3C contains excessive use of 'and' and 'or' making consistent parsing of the interpretation and application of this requirement difficult.
Resolution
The requirement is clear, but might be made clearer by punctuation to separate the two parts ("identified threats not completely countered by the TOE" and "organizational security policies or assumptions not completely met by the TOE"). The CEM work units that correspond to APE_OBJ.1.3C also provide clarification that deal adequately with the CC element. Note that a threat does not have to be completely eradicated in order to be considered countered.
Modification History:
- 2004-08-12
- Updated effective date to reflect the date the PD was issued. (August 2004 NIB 6.c.xiv)
References:
- TFFWPPv1.c
Related NIs:
- None
Related CCIMB-INTERPs:
- None
Source OD: 0095