Раздел: Документация
0 ... 16 17 18 19 20 21 22 ... 117 6.2 Access control functions (FDP ACF) Family behaviour This family describes the rules for the specific functions that can implement an access control policy named in FDPACC. FDPACC specifies the scope of control of the policy. Component levelling FDP ACF Access control functions\-\ 1 This family addresses security attribute usage and characteristics of policies. The component within this family is meant to be used to describe the rules for the function that implements the SFP as identified in FDPACC. The PP/ST author may also iterate this component to address multiple policies in the TOE. FDPACF.1 Security attribute based access control allows the TSF to enforce access based upon security attributes and named groups of attributes. Furthermore, the TSF may have the ability to explicitly authorise or deny access to an object based upon security attributes. Management: FDPACF.1 The following actions could be considered for the management functions in FMT Management: a) Managing the attributes used to make explicit access or denial based decisions. Audit: FDPACF.1 The following events should be auditable if FAUGEN Security audit data generation is included in the PP/ST: a)Minimal: Successful requests to perform an operation on an obj ect covered by the SFP. b)Basic: All requests to perform an operation on an object covered by the SFP. c)Detailed: The specific security attributes used in making an access check. FDPACF.1 Security attribute based access control Hierarchical to: No other components. FDPACF.1.1 The TSF shall enforce the [assignment: access control SFP] to objects based on [assignment: security attributes, named groups of security attributes]. FDP ACF.1.2 The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects]. FDPACF.1.3 The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitlyauthorise access of subjects to objects]. FDPACF.1.4 The TSF shall explicitly deny access of subjects to objects based on the [assignment: rules, based on security attributes, that explicitly deny access of subjects to objects]. Dependencies: FDP ACC.1 Subset access control FMT MSA.3 Static attribute initialisation 6.3 Data authentication (FDP DAU) Family behaviour Data authentication permits an entity to accept responsibility for the authenticity of information (e.g., by digitally signing it). This family provides a method of providing a guarantee of the validity of a specific unit of data that can be subsequently used to verify that the information content has not been forged or fraudulently modified. In contrast to Class FCO, this family is intended to be applied to "static" data rather than data that is being transferred. Component levelling FDP DAU Data authentication
FDPDAU. 1 Basic Data Authentication requires that the TSF is capable of generating a guarantee of authenticity of the information content of objects (e.g. documents). FDPDAU.2 Data Authentication with Identity of Guarantor additionally requires that the TSF is capable of establishing the identity of the subject who provided the guarantee of authenticity. Management: FDPDAU.1, FDPDAU.2 The following actions could be considered for the management functions in FMT Management: a) The assignment or modification of the objects for which data authentication may apply could be configurable in the system. Audit: FDPDAU.1 The following events should be auditable if FAUGEN Security audit data generation is included in the PP/ST. a)Minimal: Successful generation of validity evidence. b)Basic: Unsuccessful generation of validity evidence. c)Detailed: The identity of the subject that requested the evidence. Audit: FDPDAU.2 The following events should be auditable if FAUGEN Security audit data generation is included in the PP/ST. a)Minimal: Successful generation of validity evidence. b)Basic: Unsuccessful generation of validity evidence. c)Detailed: The identity of the subject that requested the evidence. 0 ... 16 17 18 19 20 21 22 ... 117
|
