NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0055:  Move FTA_TAB.1 to Selection-Based Requirement

Publication Date
2015.07.30

Protection Profiles
PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1

Other References

Issue Description

FTA_TAB.1 requires that the TSF have the ability to display a configurable warning banner to administrators before they can administer the TOE. There are ESM products that are used to administer and enforce access control policy, but depend upon operational environment components to authenticate users and display the banner. These products can, however, enforce rules on who can modify the banner. FTA_TAB.1 as written and placed in these PPs does not take into account that the TOE can enforce rules on the banner but must rely on an operational environment component to perform authentication.

Resolution

FTA_TAB.1 should be moved to Appendix C (Architectural Variations and Additional Requirements) in the ESM PM PP and ESM ICM PP. The following application note should be added:

Application Note: If a TOE component is selected for subject authentication and identification in ESM_EAU.2.1 and ESM_EID.2.1, respectively, FTA_TAB.1 must be claimed.

Justification

FTA_TAB.1 should be conditional based on whether a TOE component or an Operational Environment component is authenticating the administrator.

 
 
Site Map              Contact Us              Home