NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0548:  Integrity for installation tests in AppSW PP 1.3

Publication Date
2020.09.30

Protection Profiles
PP_APP_v1.3

Other References
FPT_TUD_EXT.1.3

Issue Description

TD0178 was issued for APP SW PP v1.2 and later archived however was not carried into APP SW PP v1.3. 

Resolution

The Tests for FPT_TUD_EXT.1.3 is replaced as follows:

For iOS: The evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox).

For all other platforms: The evaluator shall install the application and then locate all of its executable files. The evaluator shall then, for each file, save off either a hash of the file or a copy of the file itself. The evaluator shall then run the application and exercise all features of the application as described in the ST. The evaluator shall then compare each executable file with the either the saved hash or the saved copy of the files. The evaluator shall verify that these are identical.

Justification

It is still true that apps on iOS are severely restricted and are completely passive during installation and uninstallation; therefore, developers have no design decisions with regards to installation/uninstallation of updates.

 
 
Site Map              Contact Us              Home