NIAP: View Technical Decision Details
NIAP/CCEVS
TD0065:  Revision of FDP_PRT_EXT.1.2 requirement in APP SWFE EP v1.0

Publication Date
2015.10.02

Protection Profiles
PP_APP_SWFE_EP_v1.0

Other References

Issue Description

Changes to FDP_PRT_EXT.1.2 required to meet requirement

Resolution

Requirement currently reads: "FDP_PRT_EXT.1.2 The application shall [selection: invoke platform-provided functionality, implement functionality] to ensure that all sensitive data created by the TOE when decrypting/encrypting the user-selected file (or set of files) are destroyed in volatile and non-volatile memory upon completion of the decryption/encryption operation."

Revised to: "FDP_PRT_EXT.1.2 The application shall [selection: invoke platform-provided functionality, implement functionality] to ensure that all sensitive data created by the TOE when decrypting/encrypting the user-selected file (or set of files) are destroyed in volatile and non-volatile memory when the data is no longer needed."

 

Application Note currently reads: "The intent is that the TSF controls the use and clearing of any data that it manipulates. However, it is possible that the TSF shall only be invoking the The TSF is not responsible for temporary files that an editor application creates. An optional requirement on cleaning up the temporary files created by an editor application is in Appendix B. The TSF has “completed the decryption/encryption operation” after it has decrypted the file (or set of files) and any edited data has been stored encrypted and the plaintext editor has been closed."

Revised to: "The intent is that the TSF controls the use and clearing of any data that it manipulates that is not needed by the user (e.g. a temporary file created in non-volatile memory during the encryption/decryption process would be destroyed as soon as the process is completed). This should not prevent expected usage (e.g. the TOE may create a decrypted copy of a file as requested by the user). The TSF is also not responsible for temporary files that non-TSF application creates (for example, a text editor may create a “checkpoint” file when editing a file that is protected by the TOE; the TOE does not have to try to keep track of or clean up these “checkpoint” files). An optional requirement on cleaning up the temporary files created by non-TSF application when operating on files protected by the TOE is in Appendix B."

 

Under Assurance Activities, TSS Activity Remove: "Requirement met by the platform: If the platform provides the FEK encryption/decryption, then the evaluator shall examine the TSS to verify that it describes how the FEK encryption/decryption is invoked."

 

Under Assurance Activities, TSS Activity Currently reads: "Requirement met by the TOE: The evaluator shall examine the TSS to ensure there is a high-level description of how the FEK is protected. The evaluator shall examine the TSS to ensure that it describes all temporary files/resources created or memory used during the decryption/encryption process. The TSS shall describe how the TSF or TOE platform deletes the non-volatile memory (for example, files) and volatile memory locations after the TSF is done with its decryption/encryption operation."

Revised to: "The evaluator shall examine the TSS to ensure there is a description of how the FEK is protected. The evaluator shall examine the TSS to ensure that it describes all temporary files/resources created or memory used during the decryption/encryption process and when those files/resources or memory is no longer needed. The TSS shall describe how the TSF or TOE platform deletes the non-volatile memory (for example, files) and volatile memory locations after the TSF is done with its decryption/encryption operation."

 

Under Assurance Activities, Tests Activity Remove from Tests Section: "These tests are only for application provided functionality:"

Justification

Revision of requirement

 
 