NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0314:  Modifications to support Selection Based requirements

Publication Date
2018.04.26

Protection Profiles
EP_WIDS_V1.0

Other References
FAU_SAA.1.2, FAU_GEN.1.1/WIDS, FAU_GEN.2.1//WIDS, FMT_SMF.1/WIDS

Issue Description

Several tables in the WIDS EP include rows that depend on selections within mandatory SFRs and/or selection/optional/objective SFRs. However, the EP is unclear of how to handle these rows when these portions of an SFR or full SFRs are not included in the ST.

Resolution

The Extended Package for Wireless Intrusion Detection/Prevention Systems Version 1.0 is modified as follows:

1.       FAU_SAA.1.2now has the following application note:

Application Note: Table 1 includes optional and objective requirements. Only security SFRs that are either mandatory or selected by the ST author need to be included as part of the table. If any requirement is optional or objective that is not part of the ST, it does not need to be included as part of the table.

2.       The application note for FAU_GEN.1.1/WIDS is modified as follows:

Application Note: There are additional auditable events in this SRF serve to extend the FAU_GEN.1 SFR found in the ND cPP. The events in the table should be combined with those of the ND cPP in the context of a conforming Security Target. The Auditable Events table includes optional and objective requirements. The auditing of optional and objective requirements is only required if the vendor chooses to have the requirement evaluated by NIAP. Auditing actions that correspond to an SFR that is not part of the ST do not have to be included in the ST. 

 

3.       For FMT_SMF.1/WIDS is moved to Annex B, Selection-Based Requirements andis dependent on if baselines (‘expected and approved’) is selected under FAU_ANO_EXT.1.1.

Justification

See issue description.

 
 
Site Map              Contact Us              Home