|Subject:||Some Modifications to the Audit Trail Are Authorized|
|CC Part #1 Reference:|
|CC Part #2 Reference:||CC Part 2, FAU_STG|
|CC Part #3 Reference:|
The second element within each component of the FAU_STG family does not distinguish between authorised and unauthorised modifications to the audit records. The modification controls imposed appear to be related only to unauthorised modifications.
Only unauthorised modifications are prohibited. Modifications to audit records performed in accordance with TSP are permitted.
Element FAU_STG.1.2 is reworded as follows:
FAU_STG.1.2 The TSF shall be able to [selection: prevent, detect] unauthorised modifications to the audit records in the audit trail.
Element FAU_STG.2.2 is reworded as follows:
FAU_STG.2.2 The TSF shall be able to [selection: prevent, detect] unauthorised modifications to the audit records in the audit trail
No additional rationale is required, the interpretation speaks for itself.