|
Date: |
04/04/2005 |
|
Subject: |
Editorial/Grammatical Change |
|
CC Part #1 Reference: |
|
|
CC Part #2 Reference: |
FDP_ITC |
|
CC Part #3 Reference: |
|
|
CEM Reference: |
|
Issue
FDP_ETC.1 (Export to outside TSF control) and FDP_ITC.1 (Import from outside TSF control) have fairly symmetrical elements as follows.
FDP_ETC.1.1 The TSF shall enforce the [assignment: access control SFP(s) and/or information flow control SFP(s)] when exporting user data, controlled under the SFP(s), outside of the TSC.
FDP_ITC.1.1 The TSF shall enforce the [assignment: access control SFP and/or information flow control SFP] when importing user data, controlled under the SFP, from outside of the TSC.
FDP_ETC.1 accepts multiple SFP(s) and FDP_ITC.1.1 does not.
Interpretation
FDP_ITC.1.1 should accepts multiple SFP(s).
Specific Changes
To address
this interpretation, the following changes are made to CC v2.1, Part 2
FDP_ITC.1.1:
FDP_ITC.1.1 The TSF shall enforce the [assignment: access control SFP(s) and/or information flow control SFP(s)] when importing user data, controlled under the SFP, from outside of the TSC.
and the
correspondent assignment notes is changes as follows:
In FDP_ITC.1.1, the PP/ST author should specify the access control SFP(s) and/or information flow control SFP(s) that will be enforced when importing user data from outside of the TSC. The user data that this function imports is scoped by the assignment of these SFPs.
Rationale
This interpretation allows for any number of SFP(s) when
importing data
from outside the TSC.