[Public Interpretations Database]

I-0472: Correction Of Definition Of Lattice

 
TYPE:                 NIAP Interpretation
NUMBER:               I-0472
STATUS:               Sent to CCEVS Management and CCIMB for Review

TITLE:                Correction Of Definition Of Lattice

FIRST POST:            [cc-cmt 00728]

SOURCE REFERENCE:     CC v2.1 Part 2 Subclause 6.6 FDP_IFF
RELATED TO:           <None>

ISSUE:

The definition of lattice in FDP_IFF.2.7 is wrong.

STATEMENT

"Lattice" is a mathematical term referred to in paragraph 198 under "Family Behavior". The conditions listed in FDP_IFF.2.7 are intended to define a matrix in terms of an "ordering relationship between security attributes". They are incorrect and incomplete. (a) is fine. (b) and (c) purport to define "least upper bound" and "greatest lower bound" respectively when in fact they only define "upper bounds" and "lower bounds". Definitions of all four are necessary to complete the definition of a lattice. However, it is simpler to directly include the definition of lattice by reference.

RECOMMENDED CRITERIA CHANGES

To address this interpretation, the following changes are made to CC v2.1: (Additions marked thusly; deletions marked thusly):

  • In FDP_IFF.2.7 delete list items b) and c) and replace with a new list item b):
    b) The set of all such attributes and the ordering function conform to the mathematical definition of a lattice.

SUPPORT:

Replacing the faulty definition with a reference to the correct definition removes any chance for error and makes it clear what is intended. If a reader does not understand the terminology then almost anywhere he goes to seek information will have a more complete explanation than could be provided in the CC.