Protection Profile for QQQQ - GitHub Pages · 2021. 1. 25. · 1 Introduction 1.1 Overview The...

ProtectionProfileforQQQQ

Version:1.02015-08-14

NationalInformationAssurancePartnership

RevisionHistory

Version Date Comment

Round1 2015-04-23 Firstdraftofversion1.0forcomment

1.0 2015-08-14 Release-firstversionreleased

Contents

1 Introduction1.1 Overview1.2 Terms1.2.1 CommonCriteriaTerms1.2.2 TechnicalTerms1.3 CompliantTargetsofEvaluation1.3.1 TOEBoundary1.3.2 TOEPlatform1.4 UseCases2 ConformanceClaims3 SecurityProblemDescription3.1 Threats3.2 Assumptions4 SecurityObjectives4.1 SecurityObjectivesfortheTOE4.2 SecurityObjectivesfortheOperationalEnvironment4.3 SecurityObjectivesRationale5 SecurityRequirements5.1 SecurityFunctionalRequirements5.1.1 Something5.1.2 QQQQ5.1.3 QQQQ5.1.4 SecurityManagement(FMT)5.1.5 SecurityAudit(FAU)5.1.6 TOESecurityFunctionalRequirementsRationale5.2 SecurityAssuranceRequirements5.2.1 ClassASE:SecurityTarget5.2.2 ClassADV:Development5.2.3 ClassAGD:GuidanceDocumentation5.2.4 ClassALC:Life-cycleSupport5.2.5 ClassATE:Tests5.2.6 ClassAVA:VulnerabilityAssessment

AppendixA- Implementation-DependentRequirementsA.1 WidgetThingAppendixB- ExtendedComponentDefinitionsB.1 ExtendedComponentsTableB.2 ExtendedComponentDefinitionsB.2.1 FAU_STG_EXTSecurityStoreFiltering

AppendixC- InherentlySatisfiedRequirementsAppendixD- ValidationGuidelinesAppendixE- UseCaseTemplatesE.1 Elephant-owndeviceAppendixF- AcronymsAppendixG- Bibliography

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Introductionfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ppoverviewfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#glossaryfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#cc-termsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#tech-termsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#TOEdescriptionfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#TOEboundaryfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#TOEplatformfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#usecasesfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#cclaimsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#spdfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Threatsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#assumptionsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Security_Objectivesfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SecurityObjectivesTOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SecurityObjectivesTOEorEnvironmentfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SORfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Security_Requirementsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SFRsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Somethingfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOOfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#QQQQfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#fmt-2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#faufile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#obj-req-mapfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SARsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#asefile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#advfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#agdfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#alcfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#atefile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#avafile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#impl-reqsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#a-feature-idfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ext-comp-defsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ext-comp-defs-bgfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ext-comp-defs-bgfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ext-comp-FAU_STG_EXTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#satisfiedreqsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#appendix-rulesfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#use-case-appendixfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#appendix-elephantfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#acronymsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#appendix-bibliography

1Introduction

1.1OverviewContentadded11Feb2021:1307pm.Contentadded11Feb2021:1249pm.Σ

TableCaptionColumn1 Column2

Row1 Data1 Data2

Row2 Data3 Data4

Row2 Data7

Row3 Data5

ThescopeofthisProtectionProfile(PP)istodescribethesecurityfunctionalityofQQQQproductsintermsof[CC]andtodefinefunctionalandassurancerequirementsforsuchproducts.Anoperatingsystemissoftwarethatmanagescomputerhardwareandsoftwareresources,andprovidescommonservicesforapplicationprograms.Thehardwareitmanagesmaybephysical,virtualorimaginary.SomethingThisisgoingtoshowsometests:

TermswithabbrslikeASLR,orAPI,shouldbefoundalinkedautomatically.Andcomponentscanbereferedtobytheirname:FQQ_QQQ.1Andsocanrequirements:FQQ_QQQ.1.1orbytheiruniqueidentifier:FQQ_QQQ.1.1OryoucanstopthemASLRThisishowyoudoapicture:

Figure1:Niap'sLogoAndthisishowyoureferenceit:Figure1Thisishowyoudoanequationwithanarbitrarycounter:

(1)

Andthisishowyoureferenceit:Eq.1Thefollowingcontentshouldbeincludedif:

this,isselectedfromFQQ_QQQ.1.1Sometext

Thefollowingcontentshouldbeincludedif:theTOEimplements"WidgetThing"

SometingdependentonafeatureAndhere'stheauditeventtableformandatoryrequirements.Table2formoreinformation.TestforanxreftosectionSection3.1Threats

Andthisisanothersentence(orfragment).Iaddedthissentenceanddeletedthenextone.ThisusesthepluralacronymOSes.Andhere'sagenericcoutnerAbc1:SomeWordsAndhere'sthereferencetoitAbc1.

1.2TermsThefollowingsectionslistCommonCriteriaandtechnologytermsusedinthisdocument.

1.2.1CommonCriteriaTerms

Assurance GroundsforconfidencethataTOEmeetstheSFRs[CC].

CommonCriteria

WithinthecontextoftheCommonCriteriaEvaluationandValidationScheme(CCEVS),anITsecurityevaluationfacility,accreditedbytheNationalVoluntaryLaboratory

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#bibCCfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ASLRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_APIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#fig-logofile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#quadeqfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#aaafile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#t-audit-mandatoryfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Threatsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#c-abcfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#bibCCfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_IT

TestingLaboratory

AccreditationProgram(NVLAP)andapprovedbytheNIAPValidationBodytoconductCommonCriteria-basedevaluations.

CommonEvaluationMethodology(CEM)

CommonEvaluationMethodologyforInformationTechnologySecurityEvaluation.

DistributedTOE

ATOEcomposedofmultiplecomponentsoperatingasalogicalwhole.

OperationalEnvironment(OE)

HardwareandsoftwarethatareoutsidetheTOEboundarythatsupporttheTOEfunctionalityandsecuritypolicy.

ProtectionProfile(PP)

Animplementation-independentsetofsecurityrequirementsforacategoryofproducts.

ProtectionProfileConfiguration(PP-Configuration)

AcomprehensivesetofsecurityrequirementsforaproducttypethatconsistsofatleastoneBase-PPandatleastonePP-Module.

ProtectionProfileModule(PP-Module)

Animplementation-independentstatementofsecurityneedsforaTOEtypecomplementarytooneormoreBaseProtectionProfiles.

SecurityAssuranceRequirement(SAR)

ArequirementtoassurethesecurityoftheTOE.

SecurityFunctionalRequirement(SFR)

ArequirementforsecurityenforcementbytheTOE.

SecurityTarget(ST)

Asetofimplementation-dependentsecurityrequirementsforaspecificproduct.

TOESecurityFunctionality(TSF)

Thesecurityfunctionalityoftheproductunderevaluation.

TOESummarySpecification(TSS)

AdescriptionofhowaTOEsatisfiestheSFRsinanST.

TargetofEvaluation(TOE)

Theproductunderevaluation.

1.2.2TechnicalTerms

AddressSpaceLayoutRandomization(ASLR)

Ananti-exploitationfeaturewhichloadsmemorymappingsintounpredictablelocations.ASLRmakesitmoredifficultforanattackertoredirectcontroltocodethattheyhaveintroducedintotheaddressspaceofaprocess.

Administrator Anadministratorisresponsibleformanagementactivities,includingsettingpoliciesthatareappliedbytheenterpriseontheoperatingsystem.Thisadministratorcouldbeactingremotelythroughamanagementserver,fromwhichthesystemreceivesconfigurationpolicies.Anadministratorcanenforcesettingsonthesystemwhichcannotbeoverriddenbynon-administratorusers.

Application(app)

Softwarethatrunsonaplatformandperformstasksonbehalfoftheuserorowneroftheplatform,aswellasitssupportingdocumentation.

ApplicationProgrammingInterface(API)

Aspecificationofroutines,datastructures,objectclasses,andvariablesthatallowsanapplicationtomakeuseofservicesprovidedbyanothersoftwarecomponent,suchasalibrary.APIsareoftenprovidedforasetoflibrariesincludedwiththeplatform.

Credential Datathatestablishestheidentityofauser,e.g.acryptographickeyorpassword.

CriticalSecurityParameters(CSP)

Informationthatiseitheruserorsystemdefinedandisusedtooperateacryptographicmoduleinprocessingencryptionfunctionsincludingcryptographickeysandauthenticationdata,suchaspasswords,thedisclosureormodificationofwhichcancompromisethesecurityofacryptographicmoduleorthesecurityoftheinformationprotectedbythemodule.

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_NIAPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CEMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PP-Configurationfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_Base-PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PP-Modulefile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PP-Modulefile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SARfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ASLRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ASLRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_appfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_APIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CSP

DARProtection

Countermeasuresthatpreventattackers,eventhosewithphysicalaccess,fromextractingdatafromnon-volatilestorage.Commontechniquesincludedataencryptionandwiping.

DataExecutionPrevention(DEP)

Ananti-exploitationfeatureofmodernoperatingsystemsexecutingonmoderncomputerhardware,whichenforcesanon-executepermissiononpagesofmemory.DEPpreventspagesofmemoryfromcontainingbothdataandinstructions,whichmakesitmoredifficultforanattackertointroduceandexecutecode.

Developer AnentitythatwritesOSsoftware.Forthepurposesofthisdocument,vendorsanddevelopersarethesame.

GeneralPurposeOperatingSystem

AclassofOSesdesignedtosupportawide-varietyofworkloadsconsistingofmanyconcurrentapplicationsorservices.TypicalcharacteristicsforOSesinthisclassincludesupportforthird-partyapplications,supportformultipleusers,andsecurityseparationbetweenusersandtheirrespectiveresources.GeneralPurposeOperatingSystemsalsolackthereal-timeconstraintthatdefinesRealTimeOperatingSystems(RTOS).RTOSestypicallypowerrouters,switches,andembeddeddevices.

Host-basedFirewall

Asoftware-basedfirewallimplementationrunningontheOSforfilteringinboundandoutboundnetworktraffictoandfromprocessesrunningontheOS.

OperatingSystem(OS)

Softwarethatmanagesphysicalandlogicalresourcesandprovidesservicesforapplications.ThetermsTOEandOSareinterchangeableinthisdocument.

PersonallyIdentifiableInformation(PII)

Anyinformationaboutanindividualmaintainedbyanagency,including,butnotlimitedto,education,financialtransactions,medicalhistory,andcriminaloremploymenthistoryandinformationwhichcanbeusedtodistinguishortraceanindividual'sidentity,suchastheirname,socialsecuritynumber,dateandplaceofbirth,mother'smaidenname,biometricrecords,etc.,includinganyotherpersonalinformationwhichislinkedorlinkabletoanindividual.[OMB]

SensitiveData SensitivedatamayincludealluserorenterprisedataormaybespecificapplicationdatasuchasPII,emails,messaging,documents,calendaritems,andcontacts.Sensitivedatamustminimallyincludecredentialsandkeys.SensitivedatashallbeidentifiedintheOS'sTSSbytheSTauthor.

User Auserissubjecttoconfigurationpoliciesappliedtotheoperatingsystembyadministrators.Onsomesystemsundercertainconfigurations,anormalusercantemporarilyelevateprivilegestothatofanadministrator.Atthattime,suchausershouldbeconsideredanadministrator.

VirtualMachine(VM)

BlahBlahBlah

1.3CompliantTargetsofEvaluation

1.3.1TOEBoundary

Figure2:GeneralTOE

1.3.2TOEPlatform

1.4UseCasesRequirementsinthisProtectionProfilearedesignedtoaddressthesecurityproblemsinatleastthefollowingusecases.Theseusecasesareintentionallyverybroad,asmanyspecificusecasesexistforanoperatingsystem.Theseusecasesmayalsooverlapwithoneanother.Anoperatingsystem'sfunctionalitymayevenbeeffectivelyextendedbyprivilegedapplicationsinstalledontoit.However,theseareoutofscopeofthisPP.

[USECASE1]Elephant-owndeviceThisiseverythingweneedtodescribeinwordsaboutthisusecase.Forathelistofappropriateselectionsandacceptableassignmentvaluesforthisconfiguration,seeE.1

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_DARfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_DEPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_DEPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PIIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#bibOMBfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PIIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_VMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#appendix-elephant

Elephant-owndevice.

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#appendix-elephant

2ConformanceClaimsConformanceStatement

AnSTmustclaimexactconformancetothisPP,asdefinedintheCCandCEMaddendaforExactConformance,Selection-BasedSFRs,andOptionalSFRs(datedMay2017).

CCConformanceClaimsThisPPisconformanttoParts2(extended)and3(conformant)ofCommonCriteriaVersion3.1,Revision5.

PPClaimThisPPdoesnotclaimconformancetoanyProtectionProfile.

PackageClaimThisPPisFunctionalPackageforTransportLayerSecurity(TLS),version1.1ConformantandFunctionalPackageforSecureShell(SSH),version1.0Conformant.

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CCfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CEMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=onfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on

3SecurityProblemDescriptionThesecurityproblemisdescribedintermsofthethreatsthattheOSisexpectedtoaddress,assumptionsabouttheoperationalenvironment,andanyorganizationalsecuritypoliciesthattheOSisexpectedtoenforce.

3.1ThreatsT.NETWORK_ATTACK

Anattackerispositionedonacommunicationschannelorelsewhereonthenetworkinfrastructure.AttackersmayengageincommunicationswithapplicationsandservicesrunningonorpartoftheOSwiththeintentofcompromise.Engagementmayconsistofalteringexistinglegitimatecommunications.

T.NETWORK_EAVESDROPAnattackerispositionedonacommunicationschannelorelsewhereonthenetworkinfrastructure.AttackersmaymonitorandgainaccesstodataexchangedbetweenapplicationsandservicesthatarerunningonorpartoftheOS.

T.LOCAL_ATTACKAnattackermaycompromiseapplicationsrunningontheOS.ThecompromisedapplicationmayprovidemaliciouslyformattedinputtotheOSthroughavarietyofchannelsincludingunprivilegedsystemcallsandmessagingviathefilesystem.

T.LIMITED_PHYSICAL_ACCESSAnattackermayattempttoaccessdataontheOSwhilehavingalimitedamountoftimewiththephysicaldevice.

3.2AssumptionsA.PLATFORM

TheOSreliesuponatrustworthycomputingplatformforitsexecution.ThisunderlyingplatformisoutofscopeofthisPP.

A.PROPER_USERTheuseroftheOSisnotwillfullynegligentorhostile,andusesthesoftwareincompliancewiththeappliedenterprisesecuritypolicy.Atthesametime,malicioussoftwarecouldactastheuser,sorequirementswhichconfinemalicioussubjectsarestillinscope.

A.PROPER_ADMINTheadministratoroftheOSisnotcareless,willfullynegligentorhostile,andadministerstheOSwithincomplianceoftheappliedenterprisesecuritypolicy.

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OS

4SecurityObjectives

4.1SecurityObjectivesfortheTOEO.ACCOUNTABILITY

ConformantOSesensurethatinformationexiststhatallowsadministratorstodiscoverunintentionalissueswiththeconfigurationandoperationoftheoperatingsystemanddiscoveritscause.Gatheringeventinformationandimmediatelytransmittingittoanothersystemcanalsoenableincidentresponseintheeventofsystemcompromise.

O.INTEGRITYConformantOSesensuretheintegrityoftheirupdatepackages.OSesareseldomifevershippedwithouterrors,andtheabilitytodeploypatchesandupdateswithintegrityiscriticaltoenterprisenetworksecurity.ConformantOSesprovideexecutionenvironment-basedmitigationsthatincreasethecosttoattackersbyaddingcomplexitytothetaskofcompromisingsystems.

O.MANAGEMENTTofacilitatemanagementbyusersandtheenterprise,conformantOSesprovideconsistentandsupportedinterfacesfortheirsecurity-relevantconfigurationandmaintenance.Thisincludesthedeploymentofapplicationsandapplicationupdatesthroughtheuseofplatform-supporteddeploymentmechanismsandformats,aswellasprovidingmechanismsforconfigurationandapplicationexecutioncontrol.

O.PROTECTED_STORAGEToaddresstheissueoflossofconfidentialityofcredentialsintheeventoflossofphysicalcontrolofthestoragemedium,conformantOSesprovidedata-at-restprotectionforcredentials.ConformantOSesalsoprovideaccesscontrolswhichallowuserstokeeptheirfilesprivatefromotherusersofthesamesystem.

O.PROTECTED_COMMSToaddressbothpassive(eavesdropping)andactive(packetmodification)networkattackthreats,conformantOSesprovidemechanismstocreatetrustedchannelsforCSPandsensitivedata.BothCSPandsensitivedatashouldnotbeexposedoutsideoftheplatform.

4.2SecurityObjectivesfortheOperationalEnvironmentThefollowingsecurityobjectivesfortheoperationalenvironmentassisttheOSincorrectlyprovidingitssecurityfunctionality.Thesetrackwiththeassumptionsabouttheenvironment.

OE.PLATFORMTheOSreliesonbeinginstalledontrustedhardware.

OE.PROPER_USERTheuseroftheOSisnotwillfullynegligentorhostile,andusesthesoftwarewithincomplianceoftheappliedenterprisesecuritypolicy.Standarduseraccountsareprovisionedinaccordancewiththeleastprivilegemodel.Usersrequiringhigherlevelsofaccessshouldhaveaseparateaccountdedicatedforthatuse.

OE.PROPER_ADMINTheadministratoroftheOSisnotcareless,willfullynegligentorhostile,andadministerstheOSwithincomplianceoftheappliedenterprisesecuritypolicy.

4.3SecurityObjectivesRationaleThissectiondescribeshowtheassumptions,threats,andorganizationsecuritypoliciesmaptothesecurityobjectives.

Table1:SecurityObjectivesRationaleThreat,Assumption,orOSP SecurityObjectives Rationale

T.NETWORK_ATTACK O.PROTECTED_COMMS ThethreatT.NETWORK_ATTACKiscounteredbyO.PROTECTED_COMMSasthisprovidesforintegrityoftransmitteddata.

O.INTEGRITY ThethreatT.NETWORK_ATTACKiscounteredbyO.INTEGRITYasthisprovidesforintegrityofsoftwarethatisinstalledontothesystemfromthenetwork.

O.MANAGEMENT ThethreatT.NETWORK_ATTACKiscounteredbyO.MANAGEMENTasthisprovidesfortheabilitytoconfiguretheOStodefendagainstnetworkattack.

O.ACCOUNTABILITY ThethreatT.NETWORK_ATTACKiscounteredbyO.ACCOUNTABILITYasthisprovidesamechanismfortheOStoreport

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CSPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CSPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_ATTACKfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_COMMSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_ATTACKfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_COMMSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.INTEGRITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_ATTACKfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.INTEGRITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.MANAGEMENTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_ATTACKfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.MANAGEMENTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.ACCOUNTABILITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_ATTACKfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.ACCOUNTABILITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OS

behaviorthatmayindicateanetworkattackhasoccurred.

T.NETWORK_EAVESDROP O.PROTECTED_COMMS ThethreatT.NETWORK_EAVESDROPiscounteredbyO.PROTECTED_COMMSasthisprovidesforconfidentialityoftransmitteddata.

O.MANAGEMENT ThethreatT.NETWORK_EAVESDROPiscounteredbyO.MANAGEMENTasthisprovidesfortheabilitytoconfiguretheOStoprotecttheconfidentialityofitstransmitteddata.

T.LOCAL_ATTACK O.INTEGRITY TheobjectiveO.INTEGRITYprotectsagainsttheuseofmechanismsthatweakentheTOEwithregardtoattackbyothersoftwareontheplatform.

O.ACCOUNTABILITY TheobjectiveO.ACCOUNTABILITYprotectsagainstlocalattacksbyprovidingamechanismtoreportbehaviorthatmayindicatealocalattackisoccurringorhasoccurred.

T.LIMITED_PHYSICAL_ACCESS O.PROTECTED_STORAGE TheobjectiveO.PROTECTED_STORAGEprotectsagainstunauthorizedattemptstoaccessphysicalstorageusedbytheTOE.

A.PLATFORM OE.PLATFORM TheoperationalenvironmentobjectiveOE.PLATFORMisrealizedthroughA.PLATFORM.

A.PROPER_USER OE.PROPER_USER TheoperationalenvironmentobjectiveOE.PROPER_USERisrealizedthroughA.PROPER_USER.

A.PROPER_ADMIN OE.PROPER_ADMIN TheoperationalenvironmentobjectiveOE.PROPER_ADMINisrealizedthroughA.PROPER_ADMIN.

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_EAVESDROPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_COMMSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_EAVESDROPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_COMMSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.MANAGEMENTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.NETWORK_EAVESDROPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.MANAGEMENTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.LOCAL_ATTACKfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.INTEGRITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.INTEGRITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.ACCOUNTABILITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.ACCOUNTABILITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#T.LIMITED_PHYSICAL_ACCESSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_STORAGEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_STORAGEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#A.PLATFORMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#OE.PLATFORMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#OE.PLATFORMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#A.PLATFORMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#A.PROPER_USERfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#OE.PROPER_USERfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#OE.PROPER_USERfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#A.PROPER_USERfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#A.PROPER_ADMINfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#OE.PROPER_ADMINfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#OE.PROPER_ADMINfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#A.PROPER_ADMIN

5SecurityRequirementsThischapterdescribesthesecurityrequirementswhichhavetobefulfilledbytheproductunderevaluation.ThoserequirementscomprisefunctionalcomponentsfromPart2andassurancecomponentsfromPart3of[CC].Thefollowingconventionsareusedforthecompletionofoperations:

Refinementoperation(denotedbyboldtextorstrikethroughtext):isusedtoadddetailstoarequirement(includingreplacinganassignmentwithamorerestrictiveselection)ortoremovepartoftherequirementthatismadeirrelevantthroughthecompletionofanotheroperation,andthusfurtherrestrictsarequirement.Selection(denotedbyitalicizedtext):isusedtoselectoneormoreoptionsprovidedbythe[CC]instatingarequirement.Assignmentoperation(denotedbyitalicizedtext):isusedtoassignaspecificvaluetoanunspecifiedparameter,suchasthelengthofapassword.Showingthevalueinsquarebracketsindicatesassignment.Iterationoperation:isindicatedbyappendingtheSFRnamewithaslashanduniqueidentifiersuggestingthepurposeoftheoperation,e.g."/EXAMPLE1."

5.1SecurityFunctionalRequirements

5.1.1SomethingHere'swhwerewetalkaboutanaudittable.

Table2:AuditableEventsforMandatoryRequirements

Requirement AuditableEventsAdditional

AuditRecordContents

FQQ_QQQ.1 Onfailureofauditdatacaptureduetolackofdiskspaceorpre-definedlimit.

None.

FAU_STG_EXT.1 Failureofauditdatacaptureduetolackofdiskspaceorpre-definedlimit.Onfailureofloggingfunction,capturerecordoffailureandrecorduponrestartofloggingfunction.

5.1.2QQQQ

FOO_FOO.1FooFooFOO_FOO.1.1

TheTOEshallconsisteof[selection:soup,salad]followedby[selection:pizza,spaghetti,ratatouille,sushi]with[selection:white,red].

ApplicationNote:ValidationGuidelines:Rule#1

EvaluationActivities

FOO_FOO.1Thefollowingcontentshouldbeincludedif:

pizza,isselectedfromFOO_FOO.1.1Checkforanchovies

SpecifictothecomponenetTSSABCFOO_FOO.1.1SpecifictotheelementTSSABC

FOO_BAR.1FooBarFOO_BAR.1.1

TheTOEshalldrink[selection:tea,coffee].

ApplicationNote:ValidationGuidelines:Rule#2:Selectionsteaandcrackersmustbechosentogetherornotatall.

FOO_BAR.1.2TheTOEshalleat[selection:crackers,nothing]

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#bibCCfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CCfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG_EXT.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_FOO.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#r-winefile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_FOO.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#pizzafile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_FOO.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_FOO.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_BAR.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#r-snackfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#teafile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#crackersfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_BAR.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOE

ApplicationNote:DeonstratingrulesacrosselementsValidationGuidelines:

Rule#2:Selectionsteaandcrackersmustbechosentogetherornotatall.

FOO_BAR.1.3Testingselectables

something[selection:

abc,def

]somethingelse


FOO_BAR.1SomethingSomethingTSSABCGuidanceSomeguidance

5.1.3QQQQ

FQQ_QQQ.1QQQQQFQQ_QQQ.1.1

TheTOEshalldoeither[selection:this,that].

ApplicationNote:


FQQ_QQQ.1TSSActivitiesassoiatedwiththeTSS.GuidanceActivitiesassoiatedwithguidanceTests

Test1:Makeshadowpuppets.Objective:Thisisthemotivationbehindthetests.Evidence:Awarmfuzzyfeeling

ActivitiesassoiatedwiththeTests.Thefollowingcontentshouldbeincludedif:

ForvirtualTOEsGreattestsforsomethingvirtual.

Thefollowingcontentshouldbeincludedif:Forphysical/imaginaryTOEs

Greattestsforsomethingtangibleorinmymind.

FQQ_QQQ.3BQQQQQ

Thisisanobjectivecomponent.

FQQ_QQQ.3.1TheTOEshalldo[assignment:guidanceonwhatthingsshouldbeassignable].

ApplicationNote:Notes.Notes.Notes.


FQQ_QQQ.3GuidanceActivitiesassoiatedwithguidance

FQQ_QQQ.2TQQQQQ

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#r-snackfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#teafile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#crackersfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_BAR.1.3file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FOO_BAR.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.3.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.3

Thisisanoptionalcomponent.However,appliedmodulesorpackagesmightredefineitasmandatory.

FQQ_QQQ.2.1TheTOEshalldosoemthing.

ApplicationNote:


FQQ_QQQ.2TSSActivitiesassoiatedwiththeTSS.

FAA_ABC.1Foreigndepends

Thisisaselection-basedcomponent.ItsinclusiondependsuponselectionfromFCS_TLS_EXT.1.1fromFunctionalPackageforTransportLayerSecurity(TLS),version1.1.

FAA_ABC.1.1TheTOEisrequiredtodosomethingbasedonaselectionintheincludedTLSpackage


FAA_ABC.1Testsabcdefg

FQQ_QQQ.4UQQQQQ

Thisisaselection-basedcomponent.ItsinclusiondependsuponselectionfromFQQ_QQQ.1.1.

FQQ_QQQ.4.1TheTOEshalldosomethinggreat.

ApplicationNote:



FQQ_QQQ.6WQQQQQ

Thisisanimplementation-basedcomponent.ItsinclusionindependsonwhethertheTOEimplementsoneormoreofthefollowingfeatures:

asdescribedinAppendixA:Implementation-basedRequirements.

FQQ_QQQ.6.1TheTOEshalldosomethingwithregardstosomeimplementation.

ApplicationNote:



file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.2.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSShttps://www.niap-ccevs.org/Profile/Info.cfm?PPID=439&id=439file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAA_ABC.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TLSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAA_ABC.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.4.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.4file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.6.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FQQ_QQQ.6file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSS

5.1.4SecurityManagement(FMT)

FMT_SMF.1/HOSTSpecificationofManagementFunctions(EDRManagementofHostAgent)FMT_SMF.1.1/HOST

TheEDRshallbecapableofperformingthefollowingfunctionsthatcontrolbehavioroftheHostAgent:

# ManagementFunction Administrator SOCAnalyst

Read-OnlyUser

1 ConfigurethetimeframeforsendingHostAgentdatatotheEDR

[assignment:listofconfigurabletimeframes]

2 Assignalabelortagtocategorizeorgroupindividualendpointsystems

ApplicationNote:ThisrequirementcapturesalltheconfigurationfunctionalitytheEDRprovidestheadministratortoconfiguretheEDRHostAgents.

Chartlegend:X=Mandatory,O=Optional,-=N/A


FMT_SMF.1/HOSTTSSTheevaluatorshallverifytheSTcontainsalistofrolesandwhatfunctionstheycanperform.Theevaluatorshallverifythelistmatchesthechartintherequirement.GuidanceTheevaluatorshallreviewtheoperationalguidancetoverifythattheEDRhasdocumentedcapabilitiestoperformthemanagementfunctions.TestsTheevaluatorshallperformthebelowtests:

Test1:TheevaluatorshallmodifythetimeframeforsendingHostAgentdatatotheEDRandverifythatanaffectedHostAgentissendingdataattheintendedinterval.Test2:TheevaluatorshalltagorcategorizeagroupofindividualendpointsystemsandverifythatthetagorcategorizationpersistswithintheEDRmanagementdashboardforotherusers.Test3:Theevaluatorshallattempteachfunctionwitheachroleandverifyaccessconformswiththechartintherequirement.

Objective:Thisisthemotivationbehindthetests.Evidence:Acheckshouldappear.

5.1.5SecurityAudit(FAU)

FAU_GEN.1AuditDataGenerationFAU_GEN.1.1

TheTSFshallbeabletogenerateanauditrecordofthefollowingauditableevents:

a. Start-upandshutdownofauditfunctionsb. Alladministrativeactionsc. [SpecificallydefinedauditableeventsinTable1]d. [selection:additionalinformationdefinedinTable2,additionalinformation

definedinTable3,additionalinformationdefinedinTable4,additionalinformationdefinedininTable5,nootherinformation]

FAU_GEN.1.2TheTSFshallrecordwithineachauditrecordatleastthefollowinginformation:

a. Dateandtimeoftheeventb. Typeofeventc. Subjectandobjectidentity(ifapplicable)d. Theoutcome(successorfailure)oftheevente. [AdditionalinformationdefinedinTable1]f. [selection:additionalinformationdefinedinTable2,additionalinformation

definedinTable3,additionalinformationdefinedinTable4,additionalinformationdefinedininTable5,nootherinformation]

ApplicationNote:TheSTauthorcanincludeotherauditableeventsdirectlyin

M O -

M O -

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FMT_SMF.1.1/HOSTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FMT_SMF.1/HOSTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ST

Table1;theyarenotlimitedtothelistpresented.TheSTauthorshouldupdatethetableinFAU_GEN.1.2withanyadditionalinformationgenerated.“Subjectidentity”inFAU_GEN.1.2couldbeauseridoranidentifierspecifyingaVM,forexample.

If‘additionalinformationdefinedinTable3’isselected,itisacceptabletoincludeindividualentriesfromTable3withoutincludingtheentiretyofTable3.AppropriateentriesfromTables2,4,and5shouldbeincludedintheSTiftheassociatedSFRsandselectionsareincluded.

TheTable1entryforFDP_VNC_EXT.1referstoconfigurationsettingsthatattachVMstovirtualizednetworkcomponents.ChangestotheseconfigurationscanbemadeduringVMexecutionorwhenVMsarenotrunning.Auditrecordsmustbegeneratedforeithercase.

TheintentoftheauditrequirementforFDP_PPR_EXT.1istologthattheVMisconnectedtoaphysicaldevice(whenthedevicebecomespartoftheVM’shardwareview),nottologeverytimethatthedeviceisaccessed.Generally,thisisonlyonceatVMstartup.However,somedevicescanbeconnectedanddisconnectedduringoperation(e.g.,virtualUSBdevicessuchasCD-ROMs).Allsuchconnection/disconnectioneventsmustbelogged.


FAU_GEN.1TSSTheevaluatorshallchecktheTSSandensurethatitlistsalloftheauditableeventsandprovidesaformatforauditrecords.Eachauditrecordformattypeshallbecovered,alongwithabriefdescriptionofeachfield.TheevaluatorshallchecktomakesurethateveryauditeventtypemandatedbythePPisdescribedintheTSS.

GuidanceTheevaluatorshallalsomakeadeterminationoftheadministrativeactionsthatarerelevantinthecontextofthisPP.Theevaluatorshallexaminetheadministrativeguideandmakeadeterminationofwhichadministrativecommands,includingsubcommands,scripts,andconfigurationfiles,arerelatedtotheconfiguration(includingenablingordisabling)ofthemechanismsimplementedintheTOEthatarenecessarytoenforcetherequirementsspecifiedinthePP.Theevaluatorshalldocumentthemethodologyorapproachtakenwhiledeterminingwhichactionsintheadministrativeguidearesecurity-relevantwithrespecttothisPP.

TestsTheevaluatorshalltesttheTOE’sabilitytocorrectlygenerateauditrecordsbyhavingtheTOEgenerateauditrecordsfortheeventslistedandadministrativeactions.Foradministrativeactions,theevaluatorshalltestthateachactiondeterminedbytheevaluatorabovetobesecurityrelevantinthecontextofthisPPisauditable.Whenverifyingthetestresults,theevaluatorshallensuretheauditrecordsgeneratedduringtestingmatchtheformatspecifiedintheadministrativeguide,andthatthefieldsineachauditrecordhavetheproperentries.

Notethatthetestingherecanbeaccomplishedinconjunctionwiththetestingofthesecuritymechanismsdirectly.SeeTable2formoreinformation.

FAU_SAR.1AuditReviewFAU_SAR.1.1

TheTSFshallprovide[administrators]withthecapabilitytoread[allinformation]fromtheauditrecords.

FAU_SAR.1.2TheTSFshallprovidetheauditrecordsinamannersuitablefortheusertointerprettheinformation.


FAU_SAR.1GuidanceTheevaluatorshallreviewtheoperationalguidancefortheprocedureonhowtoreviewtheauditrecords.TestsTheevaluatorshallverifythattheauditrecordsprovidealloftheinformationspecifiedinFAU_GEN.1andthatthisinformationissuitableforhumaninterpretation.TheassuranceactivityforthisrequirementisperformedinconjunctionwiththeassuranceactivityforFAU_GEN.1.

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_VMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_VMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_VMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_VMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_VMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_USBfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#t-audit-mandatoryfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAR.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAR.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAR.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1

FAU_STG.1ProtectedAuditTrailStorageFAU_STG.1.1

TheTSFshallprotectthestoredauditrecordsintheaudittrailfromunauthorizeddeletion.

FAU_STG.1.2TheTSFshallbeableto[prevent]modificationstothestoredauditrecordsintheaudittrail.

ApplicationNote:TheassuranceactivityforthisSFRisnotintendedtoimplythattheTOEmustsupportanadministrator’sabilitytodesignateindividualauditrecordsfordeletion.Thatlevelofgranularityisnotrequired.


FAU_STG.1TheevaluatorshallensurethattheTSSdescribeshowtheauditrecordsareprotectedfromunauthorizedmodificationordeletion.TheevaluatorshallensurethattheTSSdescribestheconditionsthatmustbemetforauthorizeddeletionofauditrecords.Theevaluatorshallperformthefollowingtests:

TestsTest1:TheevaluatorshallaccesstheaudittrailasanunauthorizedAdministratorandattempttomodifyanddeletetheauditrecords.Theevaluatorshallverifythattheseattemptsfail.Test2:TheevaluatorshallaccesstheaudittrailasanauthorizedAdministratorandattempttodeletetheauditrecords.Theevaluatorshallverifythattheseattemptssucceed.Theevaluatorshallverifythatonlytherecordsauthorizedfordeletionaredeleted.

FAU_STG_EXT.1Off-LoadingofAuditDataFAU_STG_EXT.1.1

TheTSFshallbeabletotransmitthegeneratedauditdatatoanexternalITentityusingatrustedchannelasspecifiedinFTP_ITC_EXT.1.

FAU_STG_EXT.1.2TheTSFshall[selection:dropnewauditdata,overwritepreviousauditrecordsaccordingtothefollowingrule:[assignment:ruleforoverwritingpreviousauditrecords],[assignment:otheraction]]whenthelocalstoragespaceforauditdataisfull.

ApplicationNote:Anexternallogserver,ifavailable,mightbeusedasalternativestoragespaceincasethelocalstoragespaceisfull.An‘otheraction’couldbedefinedinthiscaseas‘sendthenewauditdatatoanexternalITentity’.


FAU_STG_EXT.1ProtocolsusedforimplementingthetrustedchannelmustbeselectedinFTP_ITC_EXT.1.TSSTheevaluatorshallexaminetheTSStoensureitdescribesthemeansbywhichtheauditdataaretransferredtotheexternalauditserver,andhowthetrustedchannelisprovided.TheevaluatorshallexaminetheTSStoensureitdescribeswhathappenswhenthelocalauditdatastoreisfull.GuidanceTheevaluatorshallexaminetheoperationalguidancetoensureitdescribeshowtoestablishthetrustedchanneltotheauditserver,aswellasdescribeanyrequirementsontheauditserver(particularauditserverprotocol,versionoftheprotocolrequired,etc.),aswellasconfigurationoftheTOEneededtocommunicatewiththeauditserver.Theevaluatorshallalsoexaminetheoperationalguidancetodeterminethatitdescribestherelationshipbetweenthelocalauditdataandtheauditdatathataresenttotheauditlogserver.Forexample,whenanauditeventisgenerated,isitsimultaneouslysenttotheexternalserverandthelocalstore,oristhelocalstoreusedasabufferand“cleared”periodicallybysendingthedatatotheauditserver.TestsTestingofthetrustedchannelmechanismistobeperformedasspecifiedintheassuranceactivitiesforFTP_ITC_EXT.1.

Theevaluatorshallperformthefollowingtestforthisrequirement:

Test1:TheevaluatorshallestablishasessionbetweentheTOEandtheauditserveraccordingtotheconfigurationguidanceprovided.TheevaluatorshallthenexaminethetrafficthatpassesbetweentheauditserverandtheTOEduringseveralactivitiesoftheevaluator’schoicedesignedtogenerateauditdatatobetransferredtotheauditserver.The

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG_EXT.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ITfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG_EXT.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ITfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG_EXT.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOE

evaluatorshallobservethatthesedataarenotabletobeviewedintheclearduringthistransfer,andthattheyaresuccessfullyreceivedbytheauditserver.Theevaluatorshallrecordtheparticularsoftware(name,version)usedontheauditserverduringtesting.

Theevaluatorshallperformoperationsthatgenerateauditdataandverifythatthisdataisstoredlocally.TheevaluatorshallperformoperationsthatgenerateauditdatauntilthelocalstoragespaceisexceededandverifiesthattheTOEcomplieswiththebehaviordefinedintheSTforFAU_STG_EXT.1.2.

FAU_ARP.1SecurityAuditAutomaticResponse


FAU_ARP.1.1TheTSFshalltake[assignment:listofactions]upondetectionofapotentialsecurityviolation.

ApplicationNote:Incertaincases,itmaybeusefulforVirtualizationSystemstoperformautomatedresponsestocertainsecurityevents.AnexamplemayincludehaltingaVMwhichhastakensomeactiontoviolateakeysystemsecuritypolicy.Thismaybeespeciallyusefulwithheadlessendpointswhenthereisnohumanuserintheloop.

ThepotentialsecurityviolationmentionedinFAU_ARP.1.1referstoFAU_SAA.1.


FAU_ARP.1TestsTheevaluatorshallgenerateapotentialsecurityviolationasdefinedinFAU_SAA.1andverifythateachactionintheassignmentinFAU_ARP.1.1isperformedbytheTSFasaresult.TheevaluatorshallperformthisactionforeachsecurityviolationthatisdefinedinFAU_SAA.1.

FAU_SAA.1SecurityAuditAnalysis


FAU_SAA.1.1TheTSFshallbeabletoapplyasetofrulesinmonitoringtheauditedeventsandbasedupontheserulesindicateapotentialviolationoftheenforcementoftheSFRs.

FAU_SAA.1.2TheTSFshallenforcethefollowingrulesformonitoringauditedevents:

a. accumulationorcombinationof[assignment:subsetofdefinedauditableevents]knowntoindicateapotentialsecurityviolation

b. [assignment:anyotherrules]

ApplicationNote:ThepotentialsecurityviolationdescribedinFAU_SAA.1canbeusedasatriggerforautomatedresponsesasdefinedinFAU_ARP.1.


FAU_SAA.1TestsTheevaluatorshallcauseeachcombinationofauditableeventsdefinedinFAU_SAA.1.2tooccur,andverifythatapotentialsecurityviolationisindicatedbytheTSF.

5.1.6TOESecurityFunctionalRequirementsRationaleThefollowingrationaleprovidesjustificationforeachsecurityobjectivefortheTOE,showingthattheSFRsaresuitabletomeetandachievethesecurityobjectives:

Table3:SFRRationaleObjective Addressedby Rationale

O.ACCOUNTABILITY FAU_GEN.1 'causeFAU_GEN.1

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_STG_EXT.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_ARP.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_VMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_ARP.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_ARP.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_ARP.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_ARP.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_SAA.1.2file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TOEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.ACCOUNTABILITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#FAU_GEN.1

isawesome

FTP_ITC_EXT.1 CauseFTPreasons

O.INTEGRITY FPT_SBOP_EXT.1 Forreasons

FPT_ASLR_EXT.1 ASLRForreasons

FPT_TUD_EXT.1 Forreasons

FPT_TUD_EXT.2 Forreasons

FCS_COP.1/HASH Forreasons

FCS_COP.1/SIGN Forreasons

FCS_COP.1/KEYHMAC Forreasons

FPT_ACF_EXT.1 Forreasons

FPT_SRP_EXT.1 Forreasons

FIA_X509_EXT.1 Forreasons

FPT_TST_EXT.1 Forreasons

FTP_ITC_EXT.1 Forreasons

FPT_W^X_EXT.1 Forreasons

FIA_AFL.1 Forreasons

FIA_UAU.5 Forreasons

O.MANAGEMENT FMT_MOF_EXT.1 Forreasons

FMT_SMF_EXT.1 Forreasons

FTA_TAB.1 Forreasons

FTP_TRP.1 Forreasons

O.PROTECTED_STORAGE FCS_STO_EXT.1,FCS_RBG_EXT.1,FCS_COP.1/ENCRYPT,FDP_ACF_EXT.1

Rationaleforabigchunk

O.PROTECTED_COMMS FCS_RBG_EXT.1,FCS_CKM.1,FCS_CKM.2,FCS_CKM_EXT.4,FCS_COP.1/ENCRYPT,FCS_COP.1/HASH,FCS_COP.1/SIGN,FCS_COP.1/HMAC,FDP_IFC_EXT.1,FIA_X509_EXT.1,FIA_X509_EXT.2,FTP_ITC_EXT.1

Rationaleforabigchunk

5.2SecurityAssuranceRequirementsTheSecurityObjectivesinSection4SecurityObjectiveswereconstructedtoaddressthreatsidentifiedinSection3.1Threats.TheSecurityFunctionalRequirements(SFRs)inSection5.1SecurityFunctionalRequirementsareaformalinstantiationoftheSecurityObjectives.ThePPidentifiestheSecurityAssuranceRequirements(SARs)toframetheextenttowhichtheevaluatorassessesthedocumentationapplicablefortheevaluationandperformsindependenttesting.ThissectionliststhesetofSARsfromCCpart3thatarerequiredinevaluationsagainstthisPP.IndividualAssuranceActivitiesobeperformedarespecifiedbothinSection5.1SecurityFunctionalRequirementsaswellasinthissection.ThegeneralmodelforevaluationofOSsagainstSTswrittentoconformtothisPPisasfollows:AftertheSThasbeenapprovedforevaluation,theTSEFwillobtaintheOS,supportingenvironmentalIT,andtheadministrative/userguidesfortheOS.TheITSEFisexpectedtoperformactionsmandatedbytheCommonEvaluationMethodology(CEM)fortheASEandALCSARs.TheITSEFalsoperformstheAssuranceActivitiescontainedwithinSection5.1SecurityFunctionalRequirements,whichareintendedtobeaninterpretationoftheotherCEMassurancerequirementsastheyapplytothespecifictechnologyinstantiatedintheOS.TheAssuranceActivitiesthatarecapturedinSection5.1SecurityFunctionalRequirementsalsoprovideclarificationastowhatthedeveloperneedstoprovidetodemonstratetheOSiscompliantwiththePP.

5.2.1ClassASE:SecurityTargetAsperASEactivitiesdefinedin[CEM].

5.2.2ClassADV:DevelopmentTheinformationabouttheOSiscontainedintheguidancedocumentationavailabletotheenduseraswellas

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.INTEGRITYfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ASLRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.MANAGEMENTfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_STORAGEfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#O.PROTECTED_COMMSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_HMACfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Security_Objectivesfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#Threatsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SFRsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CCfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SFRsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ITfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ITSEFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CEMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_ITSEFfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SFRsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_CEMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SFRsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#bibCEMfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OS

theTSSportionoftheST.TheOSdevelopermustconcurwiththedescriptionoftheproductthatiscontainedintheTSSasitrelatestothefunctionalrequirements.TheAssuranceActivitiescontainedinSection5.1SecurityFunctionalRequirementsshouldprovidetheSTauthorswithsufficientinformationtodeterminetheappropriatecontentfortheTSSsection.

ADV_FSP.1BasicFunctionalSpecification(ADV_FSP.1)ThefunctionalspecificationdescribestheTSFIs.Itisnotnecessarytohaveaformalorcompletespecificationoftheseinterfaces.Additionally,becauseOSsconformingtothisPPwillnecessarilyhaveinterfacestotheOperationalEnvironmentthatarenotdirectlyinvokablebyOSusers,thereislittlepointspecifyingthatsuchinterfacesbedescribedinandofthemselvessinceonlyindirecttestingofsuchinterfacesmaybepossible.ForthisPP,theactivitiesforthisfamilyshouldfocusonunderstandingtheinterfacespresentedintheTSSinresponsetothefunctionalrequirementsandtheinterfacespresentedintheAGDdocumentation.Noadditional“functionalspecification”documentationisnecessarytosatisfytheassuranceactivitiesspecified.Theinterfacesthatneedtobeevaluatedarecharacterizedthroughtheinformationneededtoperformtheassuranceactivitieslisted,ratherthanasanindependent,abstractlist.

Developeractionelements:ADV_FSP.1.1D

Thedevelopershallprovideafunctionalspecification.

Note:Anehere'saDevelopers'note

Contentandpresentationelements:ADV_FSP.1.1C

ThedevelopershallprovideatracingfromthefunctionalspecificationtotheSFRs.

ApplicationNote:Asindicatedintheintroductiontothissection,thefunctionalspecificationiscomprisedoftheinformationcontainedintheAGD_OPEandAGD_PREdocumentation.Thedevelopermayreferenceawebsiteaccessibletoapplicationdevelopersandtheevaluator.TheassuranceactivitiesinthefunctionalrequirementspointtoevidencethatshouldexistinthedocumentationandTSSsection;sincethesearedirectlyassociatedwiththeSFRs,thetracinginelementADV_FSP.1.2Disimplicitlyalreadydoneandnoadditionaldocumentationisnecessary.

ADV_FSP.1.2CThefunctionalspecificationshalldescribethepurposeandmethodofuseforeachSFR-enforcingandSFR-supportingTSFI.

ADV_FSP.1.3CThefunctionalspecificationshallidentifyallparametersassociatedwitheachSFR-enforcingandSFR-supportingTSFI.

ADV_FSP.1.4CThefunctionalspecificationshallproviderationalefortheimplicitcategorizationofinterfacesasSFR-non-interfering.

ADV_FSP.1.5CThetracingshalldemonstratethattheSFRstracetoTSFIsinthefunctionalspecification.

Evaluatoractionelements:ADV_FSP.1.1E

Theevaluatorshallconfirmthattheinformationprovidedmeetsallrequirementsforcontentandpresentationofevidence.

ADV_FSP.1.2ETheevaluatorshalldeterminethatthefunctionalspecificationisanaccurateandcompleteinstantiationoftheSFRs.


ADV_FSP.1TherearenospecificassuranceactivitiesassociatedwiththeseSARs,exceptensuringtheinformationisprovided.ThefunctionalspecificationdocumentationisprovidedtosupporttheevaluationactivitiesdescribedinSection5.1SecurityFunctionalRequirements,andotheractivitiesdescribedforAGD,ATE,andAVASARs.Therequirementsonthecontentofthefunctionalspecificationinformationisimplicitlyassessedbyvirtueoftheotherassuranceactivitiesbeingperformed;iftheevaluatorisunabletoperformanactivitybecausethereisinsufficientinterfaceinformation,thenanadequatefunctionalspecificationhasnotbeenprovided.

file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#SFRsfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_STfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_OSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_PPfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.1Dfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.1Cfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSSfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1file:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.2Cfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.3Cfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.4Cfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_SFRfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.5Cfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#abbr_TSFIfile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.1Efile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#ADV_FSP.1.2Efile:///home/runner/work/pp-template/pp-template/commoncriteria.github.io/pp/pp-template/pp-template.html?expand=on#file:///home/runner/work/pp-template/pp-templat

Date post:	29-Jan-2021
Category:	Documents
Upload:	others
View:	0 times
Download:	0 times

Protection Profile for QQQQ - GitHub Pages · 2021. 1. 25. · 1 Introduction 1.1 Overview The...

Documents