NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0338:  NIT Technical Decision for Access Banner Verification

Publication Date
2018.08.02

Protection Profiles
CPP_ND_V2.0E

Other References
ND SD V2.0, FTA_TAB.1

Issue Description

The NIT has issued a technical decision for Access Banner Verification.

Resolution

In ND SD, the TSS section for FTA_TAB.1 shall be replaced by:

<new>"The evaluator shall check the TSS to ensure that it details each administrative method of access (local and remote) available to the Security Administrator (e.g., serial port, SSH, HTTPS). The evaluator shall check the TSS to ensure that all administrative methods of access available to the Security Administrator are listed and that the TSS states that the TOE is displaying an advisory notice and a consent warning message for each administrative method of access. The advisory notice and the consent warning message might be different for different administrative methods of access, and might be configured during initial configuration (e.g. via configuration file)."</new>

 

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201732rev2.pdf

 

Justification

The TSS activities are intended to give the evaluator enough information to identify the access methods that must be tested in section 2.6.4.3 (ND SD v2.0). Each access method may have different display capabilities, rendering a single access banner impractical or inappropriate.

 
 
Site Map              Contact Us              Home