TD0121: FMT_MEC_EXT.1.1 Configuration Options
The Application Software v1.2 PP requires (via FMT_MEC) that configuration information be stored (for Windows platforms) in the registry. For a TOE claiming compliance with the File Encryption EP, certain configuration items are stored and protected using the encryption mechanisms provided by the File Encryption TOE, instead of in the registry.
When a TOE is claiming compliance to the SWFE EP, it is permitted to use data encryption as an alternate means for protecting configuration information. This is done through the following changes:
FMT_MEC_EXT.1 is added to the SWFE EP as follows:
FMT_MEC_EXT.1 Supported Configuration Mechanism
FMT_MEC_EXT.1.1 The TSF shall [selection: invoke the mechanisms recommended by the platform vendor for storing and setting configuration options, store and protect configuration options as specified in FCS_COP.1(1)].
The ST author replaces FMT_MEC_EXT.1 in the Application Software PP with this requirement, and performs the appropriate selections. The ST author ensures all configuration options are "covered" by one of the two selections. It is allowable to have some configuration stored and protected using platform-provided functions and some stored by the TSF and protected using encryption per FCS_COP.1(1).
The TSS assurance activity in the Application Software PP for FMT_MEC_EXT.1 applies for either selection. Additionally, if "store and protect configuration options as specified in FCS_COP.1(1)" is selected, the evaluator shall ensure that the TSS identifies those options, as well as indicates where the encrypted representation of these options is stored.
The test assurance activites in the Application Software PP for FMT_MEC_EXT.1 apply to all configuration options identified as being stored and set using platform mechanisms. The following test activity applies to any configuration options identified as being stored and protected using encryption per FCS_COP.1(1).
[Conditional] For all configuration options listed in the TSS as being stored and protected using encryption per FCS_COP.1(1), the evaluator shall examine the contents of the configuration option storage (identified in the TSS) to determine that the options have been encrypted.
Encryption with mechanisms specified in the SWFE PP provides as strong or stronger protection as that provided by the platform mechanisms. While the TOE managing its own configuration information is generally not allowed for ease of administration concerns, limited exceptions associated with options needed for SWFE EP-compliant TOEs should be permitted for additional protection reasons.