[Public Interpretations Database]

I-0409: Other Properties In FMT_MSA.3 Should Be Specified By Assignment

 
TYPE:                 NIAP Interpretation
NUMBER:               I-0409
STATUS:               Formally Superseded

TITLE:                Other Properties In FMT_MSA.3 Should Be Specified By
                      Assignment
SUPERSEDED BY:        
     CCIMB-INTERP-0201

EFFECTIVE:            2002-01-04
SUPERSEDED:           2003-10-31

SOURCE REFERENCE:     CC v2.1 Part 2 Subclause 8.2 FMT_MSA.3
                      CC v2.1 Part 2 Subclause H.2 FMT_MSA.3
RELATED TO:           <None>
CCIMB ENTRY:          CCIMB-INTERP-0201

ISSUE:

The normal CC paradigm is to have PP/ST authors specify "other" information through assignment. This element is an anomaly; the Part 2 annex explicitly calls out the use of refinement to specify the other property.

STATEMENT

In FMT_MSA.3.1, the selection of "other property" for the default values is specified by assignment.

RECOMMENDED CRITERIA CHANGES

To address this interpretation, the following changes are made to CC v2.1 Part 2 (additions marked thusly; deletions marked thusly):

  • FMT_MSA.3 is relabeled as FMT_MSA.3-NIAP-0409. Unless otherwise noted in these changes, all normative and informative material associated with FMT_MSA.3 is incorporated unchanged into FMT_MSA.3-NIAP-0409, and all references to FMT_MSA.3 in the CC, CEM, or other Common Criteria documentation is changed to refer to FMT_MSA.3-NIAP-0409.

  • Subclause 8.2, FMT_MSA.3, element FMT_MSA.3.1 is modified as follows:

    FMT_MSA.3.1-NIAP-0409 The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide [selection: restrictive, permissive, [assignment: other property]] default values for security attributes that are used to enforce the SFP.

  • Subclause H.2, FMT_MSA.3, Operations, is modified as follows:

    Operations

    Assignment:

    In FMT_MSA.3.1-NIAP-0409,the PP/ST author should list the access control SFP or the information flow control SFP for which the security attributes are applicable.

    Selection:

    In FMT_MSA.3.1-NIAP-0409, the PP/ST author should select whether the default property of the access control attribute will be restrictive, permissive, or another property. In case of another property, the PP/ST author should refine this to a specific property.

    Assignment:

    In FMT_SMA.3.1-NIAP-0409, if the PP/ST author selects another property, the PP/ST author should specify the desired characteristics of the default values.

    Assignment:

    In FMT_MSA.3.2 the PP/ST author should specify the roles that are allowed to modify the values of the security attributes. The possible roles are specified in FMT_SMR.1.

SUPPORT:

In the Common Criteria, when arbitrary information is added, this is typically done through the assignment operation. Refinement is used in those cases where additional implementation detail is provided. This particular issue appears to be due to a case where the CC authors mistakenly used refinement instead of assignment, probably to avoid embedding an assignment within a selection. This interpretation corrects the error by making the assignment explicit.

2003-08: This is being captured as CCIMB RI 0201. The CCIMB version adds two additional components where an equivalent problem occured, FMT_REV and FPT_AMT.