Family behaviour
The rollback operation involves undoing the last operation or a series of operations, bounded by some limit, such as a period of time, and return to a previous known state. Rollback provides the ability to undo the effects of an operation or series of operations to preserve the integrity of the user data.
Component levelling
FDP_ROL.1 Basic rollback addresses a need to roll back or undo a limited number of operations within the defined bounds.
FDP_ROL.2 Advanced rollback addresses the need to roll back or undo all operations within the defined bounds.
Management: FDP_ROL.1, FDP_ROL.2
The following actions could be considered for the management functions in FMT Management:
a) The boundary limit to which rollback may be performed could be a configurable item within the TOE.
b) Permission to perform a rollback operation could be restricted to a well defined role.
Audit: FDP_ROL.1, FDP_ROL.2
The following events should be auditable if FAU_GEN Security audit data generation is specified in the PP/ST:
a) Minimal: All successful rollback operations.
b) Basic: All attempts to perform rollback operations.
c) Detailed: All attempts to perform rollback operations, including identification of the types of operations rolled back.