TYPE: NIAP Interpretation
NUMBER: I-0478
STATUS: Pending Assignment
TITLE: Subject To Subject Information Flow
RELATED TO: <None>
ISSUE:
FDP_IFF.1.2 states "The TSF shall permit an information flow between a
controlled subject and controlled information ..."
However, some information flows are purely subject to subject, and do not
involve controlled information (e.g., a storage object) in the middle. It is
an invalid refinement to change "controlled information" to "another
controlled subject", hence FDP_IFF.1 needs
to be rewritten or a new requirement may be needed.
STATEMENT
(need to go through an identify all the ramifications of this)
SUPPORT:
This corrects the problem identified in the issue statement.
|
![[Public Interpretations Database]](/assets/images/public-interps.jpg){kind=small}