10.12 State synchrony protocol (FPT_SSP)

Family behaviour

Distributed systems may give rise to greater complexity than monolithic systems through the potential for differences in state between parts of the system, and through delays in communication. In most cases synchronisation of state between distributed functions involves an exchange protocol, not a simple action. When malice exists in the distributed environment of these protocols, more complex defensive protocols are required.

FPT_SSP State synchrony protocol establishes the requirement for certain critical security functions of the TSF to use this trusted protocol. FPT_SSP State synchrony protocol ensures that two distributed parts of the TOE (e.g. hosts) have synchronised their states after a security-relevant action.

Component levelling

FPT_SSP.1 Simple trusted acknowledgement requires only a simple acknowledgement by the data recipient.

FPT_SSP.2 Mutual trusted acknowledgement requires mutual acknowledgement of the data exchange.

Management: FPT_SSP.1, FPT_SSP.2

There are no management activities foreseen.

Audit: FPT_SSP.1, FPT_SSP.2

The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP / ST:

a) Minimal: failure to receive an acknowledgement when expected.
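The following is an added example, not part of the standard text: a sketch of how the two component levels and the minimal audit event could be realised between two TOE parts. It assumes a pre-shared HMAC key, and the names `tag`, `Recipient`, `synchronise` and `AUDIT` are hypothetical. Treating a forged acknowledgement the same as a missing one is also an assumption of the example.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: key shared by the two TOE parts
AUDIT = []                     # stand-in for FAU_GEN audit records


def tag(role, seq, state):
    """Acknowledgement bound to the acknowledging role, sequence number and state."""
    msg = role + b"|" + str(seq).encode() + b"|" + hashlib.sha256(state).digest()
    return hmac.new(KEY, msg, hashlib.sha256).digest()


class Recipient:
    def __init__(self, mutual):
        self.mutual, self.pending, self.committed = mutual, {}, {}

    def receive(self, seq, state):
        # Simple level: apply at once. Mutual level: hold until the sender confirms.
        (self.pending if self.mutual else self.committed)[seq] = state
        return tag(b"recv-ack", seq, state)

    def confirm(self, seq, sender_ack):
        # Mutual level: commit only once the sender proves it saw our acknowledgement.
        state = self.pending.get(seq)
        if (state is None or sender_ack is None or not
                hmac.compare_digest(sender_ack, tag(b"send-ack", seq, state))):
            AUDIT.append(("recipient", seq, "no valid acknowledgement received"))
            return False
        self.committed[seq] = self.pending.pop(seq)
        return True


def synchronise(recipient, seq, state, channel=lambda m: m):
    """Sender side. `channel` models the link: it returns the message as
    delivered (possibly altered) or None when the message is lost."""
    ack = channel(recipient.receive(seq, state))
    if ack is None or not hmac.compare_digest(ack, tag(b"recv-ack", seq, state)):
        AUDIT.append(("sender", seq, "no valid acknowledgement received"))
        return False
    if not recipient.mutual:
        return True  # simple level: the recipient's acknowledgement suffices
    return recipient.confirm(seq, channel(tag(b"send-ack", seq, state)))
```

At the simple level a lost acknowledgement leaves the recipient with the new state while the sender records a failure. At the mutual level the recipient keeps the update pending, so both parts can tell that synchronisation did not complete.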