NIAP: View Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0178:  Integrity for installation tests in AppSW PP
Publication Date
  04/06/2017
References
PP_APP_v1.2, FPT_TUD_EXT.1.3
Issue Description

Apps on iOS are severely restricted and are completely passive during installation and uninstallation; therefore, developers have no design decisions with regards to installation/uninstallation of updates.

Resolution

The Assurance Activity for FPT_TUD_EXT.1.3 is modified as follows:

For iOS: The evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox).

For all other platforms: The evaluator shall record the path of every file on the entire filesystem prior to installation of the application, and then install and run the application. Afterwards, the evaluator shall then uninstall the application, and compare the resulting filesystem to the initial record to verify that no files, other than configuration, output, and audit/log files, have been added to the filesystem.

Justification

See issue description.

Apps on iOS are severely restricted and are completely passive during installation and uninstallation; therefore, developers have no design decisions with regards to installation/uninstallation of updates.



 
Site Map              Contact Us              Home