NIAP: View Technical Decision Details
NIAP/CCEVS
Archived TD0350:  Recording of voice and video call data

Publication Date
2018.09.06

Protection Profiles
EP_ESC_V1.0

Other References
FAU_STG.1/VVR, FAU_STG_EXT.1, FMT_SMF.1.1

Issue Description

Recording voice and video call data is inconsistent in the EP.

Resolution

May 22, 2019: This TD has been archived and replaced by TD0418

EP_ESC_V1.0 is modified as follows:

The following SFR is added:

FAU_STG_EXT.1  Recording Voice and Video Call Data

FAU_STG_EXT.1.1 The TSF shall [selection: have, not have] the capability to record voice and video call data.

Application Note: If "have" is selected, FAU_STG.1/VVR must be claimed and “Ability to enable/disable voice and video recordings for any registered VVoIP endpoint” must be selected in FMT_SMF.1.1.

Assurance Activity:

TSS

The evaluator shall examine the TSS to verify that it describes if the TSF has or does not have the capability to record voice and video call data.

Test

The test for this SFR is performed as part of FMT_SMF.1.1’s Assurance Activity.

 

FAU_STG.1/VVR is moved to Annex B, and will be mandatory if "have" is selected in FAU_STG_EXT.1.1.

 

FMT_SMF.1.1 is modified as follows:

FMT_SMF.1.1 The TSF shall be capable of performing the following management functions:

· Ability to administer the TOE locally and remotely;
· Ability to configure the access banner;
· Ability to configure the session inactivity time before session termination or locking;
· Ability to update the TOE, and to verify the updates using digital signature capability prior to installing those updates;
· Ability to display the real time connection status of all VVoIP endpoints (hardware and software) and telecommunications devices;
· Ability to clear all TSF data stored on disk;
· [selection:
    o Ability to configure audit behavior;
    o Ability to configure the list of TOE-provided services available before an entity is identified and authenticated, as specified in FIA_UIA_EXT.1;
    o Ability to configure the cryptographic functionality;
    o Ability to configure the password policy;
    o Ability to specify the set of audited events;
    o Ability to configure the behavior of the TOE in response to a self-test failure;
    o Ability to enable/disable voice and video recordings for any registered VVoIP endpoint;
    o No other capabilities]

 

The Application Note for FMT_SMF.1.1 is modified as follows:

Application Note:  The TOE developer is encouraged, but not required, to provide a more sophisticated password strength policy than what is prescribed by FIA_PMG_EXT.1 as defined in the NDcPP. This may include the ability for an administrator to configure the metrics used to define an acceptable password. At minimum, the minimum password length must be configurable. If "have" is selected in FAU_STG_EXT.1.1, then "Ability to enable/disable voice and video recordings for any registered VVoIP endpoint" must be selected.

 

The Assurance Activity for FMT_SMF.1.1 is modified as follows:

Guidance

If "Ability to enable/disable voice and video recordings for any registered VVoIP endpoint" is selected, the evaluator shall examine the guidance document to verify it describes how to enable or disable recording of voice and video calls.

Test

Test 1 (Conditional): If "Ability to enable/disable voice and video recordings for any registered VVoIP endpoint" is selected, the evaluator shall deploy a test environment with two or more registered VVoIP endpoints. The evaluator shall choose two endpoints and configure the TOE to enable voice/video recording between them. The evaluator shall place a call between the two selected endpoints, verify that the call is successfully established, then terminate the call and verify that a recording is generated. The evaluator shall then configure the TOE to disable voice/video recording between the same two endpoints, repeat the call, verify that the call is established, then terminate the call. The evaluator shall examine the location where the first recording was generated and verify that no new recording is generated.

Test 2: The evaluator shall deploy a test environment with two or more registered VVoIP endpoints. The evaluator shall choose two endpoints, place a call between them, and verify that the call is successfully established. While the call is active, the evaluator shall use the TSF to review active connections and verify that the call is listed. The evaluator shall discontinue the call and verify that the TSF no longer shows it as active.

Test 3 (optional): If “ability to configure the password policy” is selected, the evaluator shall observe what the password strength policy is configured to by default on the TOE and shall verify that it is enforced by defining several weak administrative passwords for a given administrator account that are appropriately rejected by the TSF. The evaluator shall then modify the TOE’s password policy in such a manner that at least one of these weak passwords would now be accepted by the policy. The evaluator shall repeat the attempted password changes and observe that the TSF correctly accepts or rejects the passwords based on the new policy.

Justification

See issue description.

 
 