The Common Criteria does not currently provide functional requirements for identifying the clear association of controlled entities (subjects, information) with relevant security attributes. The existing FDP_ACF family provides only for a simple list of security attributes, without the ability to describe the required association to controlled entities.

The statement of Access Control Policy provides a clear association of controlled entities (subjects, objects) with relevant security attributes.

To address this interpretation, the following changes are made to CC v2.1, Part 2:

• The FDP_ACF.1.1 element is replaced as follows:

  FDP_ACF.1.1 The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes]

• In Subclause F.2, the first sentence in paragraph 763 is replaced with:

  In FDP_ACF.1.1, the PP/ST author should specify, for each controlled subject and object, the security attributes and/or named groups of security attributes that the function will use in the specification of the rules.

This interpretation makes it clear that an appropriate assignment is one that provides, for each controlled entity, the SFP-relevant security attributes of that entity. This can be clearly provided as a two column table: one column is the controlled entity (subject, object), the other is a list of SFP-relevant security attributes for that controlled entity.