Family behaviour
Non-repudiation of origin ensures that the originator of information cannot successfully deny having sent the information. This family requires that the TSF provide a method to ensure that a subject that receives information during a data exchange is provided with evidence of the origin of the information. This evidence can then be verified by either this subject or other subjects.
Component levelling
FCO_NRO.1 Selective proof of origin requires the TSF to provide subjects with the capability to request evidence of the origin of information.
FCO_NRO.2 Enforced proof of origin requires that the TSF always generate evidence of origin for transmitted information.
Management: FCO_NRO.1, FCO_NRO.2
The following actions could be considered for the management functions in FMT:
a) The management of changes to information types, fields, originator attributes and recipients of evidence.
Audit: FCO_NRO.1
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:
a) Minimal: The identity of the user who requested that evidence of origin would be generated.
b) Minimal: The invocation of the non-repudiation service.
c) Basic: Identification of the information, the destination, and a copy of the evidence provided.
d) Detailed: The identity of the user who requested a verification of the evidence.
Audit: FCO_NRO.2
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:
a) Minimal: The invocation of the non-repudiation service.
b) Basic: Identification of the information, the destination, and a copy of the evidence provided.
c) Detailed: The identity of the user who requested a verification of the evidence.