NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0133:  FAU_GEN.1; FIA_SIPS_EXT.1 - Auditing SIP Register Events

Publication Date
2016.12.14

Protection Profiles
CPP_ND_SBC_EP_V1.0

Other References
FAU_GEN.1; FIA_SIPS_EXT.1

Issue Description

FIA_SIPS_EXT.1 requires that all register events be logged by the SBC.  Due to the fact that SBCs sit on the internet facing edge of a network, there is potential for a great amount of SIP register events. Logging of every SIP register request makes TOEs more susceptible to SIP Register Flooding, a common resource utilization attack.

Resolution

Resolution: Remove the following row in Table 1: Auditable Events


SFR                     Auditable Event                           Additional Audit Record Contents
FIA_SIPS_EXT.1    All SIP Register function requests.    None

Justification

An SBC should defend against common resource utilization attacks, such as SIP Register Flooding.  This has been updated in EP_SBC_V1.1.

 
 
Site Map              Contact Us              Home