NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0551:  NIT Technical Decision for Incomplete Mappings of OEs in FW Module v1.4+Errata

Publication Date
2020.10.15

Protection Profiles
MOD_CPP_FW_v1.4e

Other References
Sections 5.3.2 and 5.3.4

Issue Description

The NIT has issued a technical decision for Incomplete Mappings of OEs in FW Module v1.4+Errata

 

 

Resolution

The tables in sections 5.3.2 and 5.3.4 shall be replaced as follows:

Section 5.3.2 shall be replaced by:

 

Objective for the Operational Environment

Assumptions and OSPs

OE.PHYSICAL

A.PHYSICAL_PROTECTION

OE.NO_GENERAL_PURPOSE

A.LIMITED_FUNCTIONALITY

OE.TRUSTED_ADMIN

A.TRUSTED_ADMINISTRATOR, A.VS_TRUSTED_ADMINISTRATOR

OE.UPDATES

A.REGULAR_UPDATES, A.VS_REGULAR_UPDATES

OE.ADMIN_CREDENTIALS_SECURE

A.ADMIN_CREDENTIALS_SECURE

OE.COMPONENTS_RUNNING

A.COMPONENTS_RUNNING

OE.RESIDUAL_INFORMATION

A.RESIDUAL_INFORMATION

OE.VM_CONFIGURATION

A.VS_CORRECT_CONFIGURATION, A.VS_ISOLATON

 

 

 

 

 

Section 5.3.4 shall be replaced by:

 

Assumption

Rationale for security objectives for the environment

 

 

A.PHYSICAL_PROTECTION

The assumption that the TOE is physically protected against all unauthorized access attempts is addressed by the corresponding requirement in OE.PHYSICAL.

 

 

Assumption

Rationale for security objectives for the environment

 

 

A.LIMITED_FUNCTIONALITY

The assumption that the TOE does not provide any general purpose computing capabilities is addressed by the corresponding requirement in OE.NO_GENERAL_PURPOSE.

 

A.TRUSTED_ADMINISTRATOR

The assumption that the Security Administrator is trusted is addressed by the corresponding requirement in OE.TRUSTED_ADMIN.

 

A.REGULAR_UPDATES

The assumption that the devices firmware and software is updated regularly is addressed by the corresponding requirement in OE.UPDATES.

 

 

A.ADMIN_CREDENTIALS_SECURE

The assumption that the Security Administrator’s credentials are protected by the platform they are stored on is addressed by the corresponding requirement in OE.ADMIN_CREDENTIALS_SECURE.

 

 

A.COMPONENTS_RUNNING

The assumption that each component of a distributed system is functioning properly is satisfied by the fact that this is specified as an expectation by OE.COMPONENTS_RUNNING.

 

 

A.RESIDUAL_INFORMATION

The assumption that the Security Administrator must ensure that there is no unauthorized access possible for sensitive residual information is addressed by the corresponding requirement in OE.RESIDUAL_INFORMATION.

 

A.VS_TRUSTED_ADMINISTRATOR

(applies to vNDs only)

The assumption that the Security Administrator for the VS is trusted is addressed by the corresponding requirement in OE.TRUSTED_ADMIN.

 

A.VS_REGULAR_UPDATES (applies to vNDs only)

The assumption that the VS software is updated regularly is addressed by the corresponding requirement in OE.UPDATES.

 

 

 

Assumption

Rationale for security objectives for the environment

 

 

A.VS_ISOLATON (applies to vNDs only)

The assumption that the VS provides and is configured to provide sufficient isolation between software running in VMs on the same physical platform is addressed by the corresponding requirement in OE.VM_CONFIGURATION

 

A.VS_CORRECT_CONFIGURATION

(applies to vNDs only)

The assumption that the VS and VMs are correctly configured is addressed by the corresponding requirement in OE.VM_CONFIGURATION

For further information, please see the NIT interpretation at:

https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI202021.pdf

Justification

See issue description.

 
 
Site Map              Contact Us              Home