NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0718:  Format changes for MOD_VVoIP_V1.0

Publication Date
2023.01.23

Protection Profiles
MOD_VVOIP_V1.0

Other References
FDP_IFF.1.2, FTP_ITC.1/Control, FTP_ITC.1.1/Media

Issue Description

Multiple SFRs in MOD_VVOIP_V1.0 have inconsistencies with CC Part 2.

Resolution

MOD_VVOIP_V1.0 is updated as follows, with green highlight indicating format changes (addition or removal of bold):

 

FDP_IFF.1.2 is updated as follows:

 

FDP_IFF.1.2       The TSF shall permit an information flow between a controlled subject and controlled information via a controlled operation if the following rules hold: [

·       The TOE is [selection: registered with a VVoIP call control server, acting as a VVoIP call control server when using P2P],

·       A call has been established with a telephony device (VVoIP endpoint),

·       The TOE is in the off-hook state,

·       The TOE is not in the mute state,

·       [selection: The TOE is not in the hold state, no other rules]].

 

FTP_ITC.1.1/Control and FTP_ITC.1.2/Control are updated as follows:

 

FTP_ITC.1.1/Control      The TSF shall be capable of using [selection: Session Initiation Protocl (SIP), H.323] to provide a trusted communication channel between itself and a VVoIP call control server that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from disclosure and detection of modification of the channel data.

Application Note:           Both the SIP and H.323 protocols rely on TLS. This SFR defines the application layer protocol used to secure call control functions.

FTP_ITC.1.2/Control      The TSF shall permit [the TSF, the VVoIP call control server] to initiate communication via the trusted channel.

 

FTP_ITC.1.1/Media is updated as follows:

 

FTP_ITC.1.1/Media        The TSF shall be capable of using [selection: SRTP, H.235/H.323] to provide a trusted communication channel between itself and another VVoIP endpoint or other telephony device that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from disclosure and detection of modification of the channel data.

Justification

Corrections required to complete certification report.

 
 
Site Map              Contact Us              Home