Раздел: Документация

0 ... 99 100 101 102 103 104 105 ... 117

For FPR UNO.3.1 the PP/ST author should identify the list of subjects from

which privacy related information should be protected when the specified services are provided.

In FPR UNO.3.1 the PP/ST author should specify the privacy related

information that will be protected from the specified subjects. Examples include the identity of the subject that used a service and the quantity of a service that has been used such as memory resource utilisation.

FPR UNO.4 Authorised user observability

User application notes

This component is used to require that there will be one or more authorised users with the rights to view the resource utilisation. Without this component, this review is allowed, but not mandated.

Operations

Assignment:

In FPR UNO.4.1 the PP/ST author should specify the set ofauthorised users for which the TSF must provide the capability to observe the resource utilisation. A set of authorised users, for example, could be a group of authorised users which can operate under the same role or can all use the same process(es).

In FPR UNO.4.1 the PP/ST author should specify the set of resources and/or services that the authorised user must be able to observe.

---

---

Annex J (informative)

Protection of the TSF (FPT)

This class contains families of functional requirements that relate to the integrity and management of the mechanisms that provide the TSF(independent ofTSP-specifics), and to the integrityof TSF data (independent of the specific contents of the TSP data). In some sense, families in this class may appear to duplicate components in the FDP (User data protection) class and may even be implemented using the same mechanisms. However, FDP focuses on user data protection, while FPT focuses on TSF data protection. In fact, components from the FPT class are necessary in order to provide requirements that the SFPs in the TOE cannot be tampered with or bypassed.

0 ... 99 100 101 102 103 104 105 ... 117