10.9 Replay detection (FPT_RPL)

Family behaviour

This family addresses the detection of replay for various types of entities (e.g. messages, service requests, service responses) and the subsequent corrective actions. Where replay can be detected, this effectively prevents it.

Component levelling

The family consists of only one component, FPT_RPL.1 Replay detection, which requires that the TSF shall be able to detect the replay of identified entities.

Management: FPT_RPL.1

The following actions could be considered for the management functions in FMT:

a) management of the list of identified entities for which replay shall be detected;

b) management of the list of actions that need to be taken in case of replay.

Audit: FPT_RPL.1

The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP / ST:

a) Basic: Detected replay attacks.

b) Detailed: Action to be taken based on the specific actions.
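
As an added illustration that is not part of the standard's text, the Python below shows one way a TSF could satisfy FPT_RPL.1 together with the management and audit items listed above. The mechanism (a nonce cache bounded by a timestamp freshness window) and all names (`ReplayDetector`, `manage`, `check`, the `reject` action, the sample messages) are assumptions; the standard prescribes no mechanism.

```python
import time
from dataclasses import dataclass, field

# Assumed mechanism: nonce cache bounded by a timestamp freshness window.
# The standard names no mechanism; every name here is hypothetical.
@dataclass
class ReplayDetector:
    window: float = 300.0                        # freshness window, seconds
    actions: dict = field(default_factory=dict)  # entity type -> action on replay
    seen: dict = field(default_factory=dict)     # (type, sender, nonce) -> sent_at
    audit: list = field(default_factory=list)    # audit records

    def manage(self, entity_type, action):
        """Management a) and b): identify an entity type and its replay action."""
        self.actions[entity_type] = action

    def check(self, entity_type, sender, nonce, sent_at, now=None):
        """Return 'accept', or the configured action when replay is detected."""
        now = time.time() if now is None else now
        if entity_type not in self.actions:
            return "accept"                      # not an identified entity
        # Evict nonces older than the window; the stale check covers them.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= self.window}
        key = (entity_type, sender, nonce)
        stale = abs(now - sent_at) > self.window
        if stale or key in self.seen:
            action = self.actions[entity_type]
            # Audit: Basic (replay detected) and Detailed (action taken).
            self.audit.append({"event": "replay_detected", "type": entity_type,
                               "sender": sender, "action": action, "time": now,
                               "reason": "stale" if stale else "duplicate"})
            return action
        self.seen[key] = sent_at
        return "accept"

def demo():
    d = ReplayDetector(window=300.0)
    d.manage("service_request", "reject")
    t0 = 1_000_000.0                             # constructed clock value
    results = [
        d.check("service_request", "client-a", "n1", t0, now=t0),             # fresh
        d.check("service_request", "client-a", "n1", t0, now=t0 + 10),        # duplicate
        d.check("service_request", "client-a", "n2", t0 - 900, now=t0 + 20),  # stale
        d.check("heartbeat", "client-a", "n1", t0, now=t0 + 30),              # unmanaged
    ]
    return results, d.audit

if __name__ == "__main__":
    print(demo())
```

Evicting a nonce once its timestamp leaves the window is safe only because any later copy of that entity then fails the freshness check; the cache and the window must use the same bound.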