NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0751:  Update to Wireless Threat Location Detection Scope

Publication Date
2023.06.05

Protection Profiles
MOD_WIDS_V1.0

Other References
FAU_INV_EXT.3.1, MOD_WIDS_V1.0-SD

Issue Description

The SFR FAU_INV_EXT.3.1 contains the following requirement for MOD_WIDS_V1.0:

FAU_INV_EXT.3.1: The TSF shall detect the physical location of APs and EUDs to within [assignment: value equal or less than 25] feet of their actual location.

 

The following test is required for the above:

                Test 1:

 Step 1: Deploy an AP within range of the sensors.

 Step 2: Verify the TSF provides location tracking information about the AP.

 Step 3: Verify the AP location presented is within 25 feet actual location.

The above SFR/test can be interpreted that it is required that the locations of all AP/EUDs in the sensors range be tracked. This could be an issue when the wireless sensor is deployed in an RF-dense area, such as an un-shielded building in a dense, urban environment, or in a multi-tenant office space. This would dramatically increase the number of benign devices that need to be identified and tracked, and likely will lead to a high false positive ratio and performance degradation. Limiting the scope of the requirement to APs/EUDs that have been deemed rogue due to hitting a wireless threat signature and/or allowlist APs/EUDs would prevent the wireless sensors from suffering with performance in large environments.

Resolution

FAU_INV_EXT.3.1 in MOD_WIDS_V1.0 is modified as follows, with red highlighted strikethroughs denoting deletions and green highlighted underlines denoting additions:

FAU_INV_EXT.3.1  The TSF shall detect the physical location of rogue APs and EUDs, and [selection: allow-listed APs, allow-listed EUDS, neighboring AP, and EUDs, no other devices] to within [assignment: value equal or less than 25 feet].

Test 1 for FAU_INV_EXT.1 in the MOD_WIDS_V1.0 SD is modified as follows, with red highlighted strikethroughs enoting deletions and green highlighted underlines denoting additions:

Test 1:

 Step 1: Deploy an AP within range 25 feet of the sensors.

 Step 2: Verify the TSF provides location tracking information about the AP.

 Step 3: Verify the AP location presented is within 25 feet of the actual location.

 

Justification

See issue description.

 
 
Site Map              Contact Us              Home