There is a discrepancy between the definition of "Security attribute" in CC Part 1 and the use of the term in other portions of the CC, where security attributes are referred to in the context of information and resources.

Interpretation

The term "security attribute" also applies to security-related characteristics associated with information (under an information flow policy) and resources.

Specific Changes

In order to address this interpretation, the following changes are made to CC v2.1, Part 1:

·        Reword Subclause 2.3, paragraph 46 as follows:

Security attribute - Characteristics of subjects, users, objects, information, and/or resources that are used for the enforcement of the TSP.

Rationale

No additional rationale required, the interpretation speaks for itself.