[Public Interpretations Database]

PD-0143: Meeting FDP_ACF.1 in the DBMS PP


This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.


Effective Date: 2008-09-12
Last Modified: 2009-01-29

Issue

FDP_ACF.1 requires rules for Discretionary Access Control addressing both user IDs and group IDs. The combination of selection options and Application Notes introduces confusion about when user and/or group IDs must be included in the rule set. It was unclear whether a product using only group IDs and not user IDs for DAC required inclusion of user IDs in the rule set.

Resolution

The second Application Note in FDP_ACF.1 in the DBMS PP v1.1 is modified from:

Application Note: Rules need to include user IDs if the DBMS implements user IDs. Likewise, rules need to include group IDs if the DBMS implements group IDs.

to:

Application Note: Rules need to include user IDs if the DBMS implements user IDs to enforce access control. Likewise, rules need to include group IDs if the DBMS implements group IDs to enforce access control. If the DBMS implements both user and group IDs to enforce access control, then both must be included. The DBMS must use at least one of user IDs or group IDs to enforce access control. Rules referring to an object (user or group) that does not enforce access control do not apply.

Support

FDP_ACF.1.2-NIAP-0407 includes both users and groups in the rules for enforcing access control. As written, the requirement may appear to force a TOE to implement access control through both. Not all TOEs use both users and groups to enforce access control. The resolution clarifies the intent of the PP to allow for one or the other or both for enforcing access control.

Modification History:

2008-09-12:
PD Issued. (July 2008 ODRB Agenda Item 3.a.i)
2008-12-02:
PD corrected due to a cut and paste error. (December 2008 ODRB Agenda Item 3.a.i)

References:

  • None

Related NIs:

  • None

Related CCIMB-INTERPs:

  • None

Source OD: 0271