NIAP: View Technical Decision Details
NIAP/CCEVS
Archived TD0108:  Residual Information in Memory in SVPP

Publication Date
2016.09.23

Protection Profiles
PP_SV_V1.1

Other References
PP_SV_v1.1

Issue Description

The Assurance Activity for FDP_RIP_EXT.1 consists of two portions, a documentation portion and a testing portion.  The testing portion requires an evaluator to examine memory from inside the Guest OS to ensure that the Virtualization System (VS) has cleared this memory prior to allocating it to the VM.  This test fails to take into account the fact that the Guest OS may have altered that memory after the VS cleared it; therefore, the test does not adequately test the SFR.

Resolution

The Assurance Activity for FDP_RIP_EXT.1 will be modified to remove the testing portion (AA 2.) and update the documentation portion (AA 1.).  The Assurance Activity will then read:

The evaluator shall ensure that the TSS documents the process used for clearing physical memory prior to allocation to a Guest VM, providing details on when and how this is performed.  Additionally, the evaluator shall ensure that the TSS documents the conditions under which physical memory is not cleared prior to allocation to a Guest VM, and describes when and how the memory is cleared.

 

Justification

This change updates the Assurance Activity to remove the invalid test, and expands what must be documented for this requirement.

 
 