NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0265:  Audit of TLS and HTTPS Session Terminations

Publication Date
2017.12.04

Protection Profiles
PP_BASE_VIRTUALIZATION_V1.0

Other References
FCS_TLSS_EXT.1, FCS_TLSC_EXT.1, FCS_HTTPS_EXT.1

Issue Description

It is unclear that individual events in Table 3 can be selected in FAU_GEN.1 without including the entirety of Table 3.  Additionally, several auditable events are being made optional.

Resolution

 

The following changes shall be made to the Virtualization PP (PP_BASE_VIRTUALIZATION_V1.0)

 

 

 

1. Add the bold text below to the Application Note for FAU_GEN.1: Audit Data Generation

 

 

 

Application Note:            The ST author can include other auditable events directly in Table 1; they are not limited to the list presented. The ST author should update the table in FAU_GEN.1.2 with any additional information generated. “Subject identity” in FAU_GEN.1.2 could be a user id or an identifier specifying a VM, for example.

 

If ‘additional information defined in Table 3’ is selected, it is acceptable to include individual entries from Table 3 without including the entirety of Table 3.  Appropriate entries from Tables 2, 4, and 5 should be included in the ST if the associated SFRs and selections are included.

 

The Table 1 entry for FDP_VNC_EXT.1 refers to configuration settings that attach VMs to virtualized network components. Changes to these configurations can be made during VM execution or when VMs are not running. Audit records must be generated for either case.

 

The intent of the audit requirement for FDP_PPR_EXT.1 is to log that the VM is connected to a physical device (when the device becomes part of the VM’s hardware view), not to log every time that the device is accessed. Generally, this is only once at VM startup. However, some devices can be connected and disconnected during operation (e.g., virtual USB devices such as CD-ROMs). All such connection/disconnection events must be logged.

 

 

 

2. Change the text in Annex B immediately preceding Table 3 from:

 

The following additional auditable events shall be claimed by the ST author if “additional information defined in Table 3” is selected in FAU_GEN.1:

 

to:

 

The following additional auditable events may be claimed by the ST author if “additional information defined in Table 3” is selected in FAU_GEN.1.  Any subset of Table 3, including individual entries, may be included in the ST; it is not necessary to include the entirety of Table 3.

 

 

 

3. Move the following auditable event entries to Table 3 in Annex B:

 

FCS_HTTPS_EXT.1 (from Table 4)

 

FCS_TLSC_EXT.1 (from Table 4)

 

FCS_TLSS_EXT.2 (from Table 4)

 

FCS_TLSC_EXT.2 (from Table 4 as added in TD 213)

 

FCS_TLSS_EXT.1 (from Table 4 as added in TD 213)

 

 

Justification

These changes clarify FAU_GEN.1 and give the ST author additional auditing flexibility.

 
 
Site Map              Contact Us              Home