Family behaviour
This family defines the requirements for the TSF to be able to create and maintain a secure audit trail.
Component levelling
At FAU_STG.1 Protected audit trail storage, requirements are placed on the audit trail. It will be protected from unauthorised deletion and/or modification.
FAU_STG.2 Guarantees of audit data availability specifies the guarantees that the TSF maintains over the audit data given the occurrence of an undesired condition.
FAU_STG.3 Action in case of possible audit data loss specifies actions to be taken if a threshold on the audit trail is exceeded.
FAU_STG.4 Prevention of audit data loss specifies actions in case the audit trail is full.
Management: FAU_STG.1
There are no management activities foreseen.
Management: FAU_STG.2
The following actions could be considered for the management functions in FMT:
a) maintenance of the parameters that control the audit storage capability.
Management: FAU_STG.3
The following actions could be considered for the management functions in FMT:
a) maintenance of the threshold;
b) maintenance (deletion, modification, addition) of actions to be taken in case of imminent audit storage failure.
Management: FAU_STG.4
The following actions could be considered for the management functions in FMT:
a) maintenance (deletion, modification, addition) of actions to be taken in case of audit storage failure.
Audit: FAU_STG.1, FAU_STG.2
There are no actions identified that should be auditable if FAU_GEN Security audit data generation is included in the PP/ST.
Audit: FAU_STG.3
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:
a) Basic: Actions taken due to exceeding of a threshold.
Audit: FAU_STG.4 Prevention of audit data loss
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:
a) Basic: Actions taken due to the audit storage failure.