![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
PD-0140: Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile
This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.
| Effective Date: | 2007-08-27 |
| Last Modified | 2007-08-27 |
Issue
There are several consistency issues in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile, Version 1.0, March 2006. These issues are:
-
The Security Functional Requirement component FPT_TST.1 is mentioned in several sections but should have been identified as FPT_TST_EXP.1 for consistency throughout the document.
-
The Security Functional Requirement component FAU_SAR.3 is identified as being implemented in the IT environment, but has not been traced to a security objective in the IT environment. Rationale does not exist as to how this component would satisfy a security objective in the IT environment. Traceability from a corresponding security objective to specific threat and/or Organizational Security Policy is also absent.
Resolution
All references in the ST claiming this PP to FPT_TST.1 shall be changed to FPT_TST_EXP.1. A note shall be added to the rationale section of the ST explaining the difference in wording and citing this PD.
The ST shall include a mapping of FAU_SAR.3 to OE.MANAGE. A note shall be added to the rationale section of the ST explaining the mapping and citing this PD.
Support
The wording of FPT_TST.1 in the PP differs from that of the CC, and should have been identified as an explicitly-stated requirement with the label FPT_TST_EXP.1. The resulting difference between the PP labeling and that in the ST would be best accounted for in the rationale section of the ST.
FAU_SAR.3 was incorrectly left unmapped to an environmental objective in the PP. No additional functionality is imposed upon the TOE, only a requirement for the environment.
Modification History:
- 2007-08-27
- PD created. (ODRB August 2007 Agenda Item 3.a.i)
References:
- U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile, Version 1.0, March 2006
Related NIs:
- None
Related CCIMB-INTERPs:
- None
Source OD: 0264