NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0010:  WLAN AS PP Flawed Statement of FAU_SEL.1

Publication Date
2014.08.25

Protection Profiles
PP_WLAN_AS_V1.0

Other References
PP_WLAN_AS_V1.0, requirement FAU_SEL.1

Issue Description

A product under evaluation against the WLAN AS PP provides capabilities to select the set of audited events from the set of all auditable events, but the selectable attributes do not align precisely with the attributes specified in the SFR. In particular, the TOE does not provide a capability to select audited events based on administrator identity. It is not clear why the PP would want to specify a capability to exclude events based on administrator identity when much of the analysis and testing of the audit function centers on the capability to audit all administrative actions.

Resolution

The administrator identity attribute can be excluded from the list of attributes. The WLAN AS PP will be updated to remove “administrator identity” from the list of attributes in FAU_SEL.1.1.

Justification
 
 
Site Map              Contact Us              Home