Archived TD0133:  FAU_GEN.1; FIA_SIPS_EXT.1 - Auditing SIP Register Events

Publication Date

Protection Profiles

Other References

Issue Description

FIA_SIPS_EXT.1 requires that all register events be logged by the SBC.  Because SBCs sit on the Internet-facing edge of a network, they can potentially receive a great number of SIP register events.  Logging every SIP register request makes TOEs more susceptible to SIP Register Flooding, a common resource utilization attack.


Resolution: Remove the following row in Table 1: Auditable Events

SFR               Auditable Event                        Additional Audit Record Contents
FIA_SIPS_EXT.1    All SIP Register function requests.    None


An SBC should defend against common resource utilization attacks, such as SIP Register Flooding.  This has been updated in EP_SBC_V1.1.

