6.2 Access control functions (FDP_ACF)

Family behaviour

This family describes the rules for the specific functions that can implement an access control policy named in FDP_ACC Access control policy. FDP_ACC Access control policy specifies the scope of control of the policy.

Component levelling

This family addresses security attribute usage and characteristics of policies. The component within this family is meant to be used to describe the rules for the function that implements the SFP as identified in FDP_ACC Access control policy. The PP/ST author may also iterate this component to address multiple policies in the TOE.

FDP_ACF.1 Security attribute based access control allows the TSF to enforce access based upon security attributes and named groups of attributes. Furthermore, the TSF may have the ability to explicitly authorise or deny access to an object based upon security attributes.

Management: FDP_ACF.1

The following actions could be considered for the management functions in FMT Management:

a)    Managing the attributes used to make explicit access or denial based decisions.

Audit: FDP_ACF.1

The following events should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:

a)    Minimal: Successful requests to perform an operation on an object covered by the SFP.

b)    Basic: All requests to perform an operation on an object covered by the SFP.

c)    Detailed: The specific security attributes used in making an access check.
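
The following sketch is an added example, not part of the standard: it shows an attribute-based access check with explicit authorise and deny rules, and what each audit level above would record for the same requests. The attribute names, the sample subjects and object, the precedence (explicit deny, then explicit authorise, then the general rule), and treating the audit levels as cumulative are all assumptions of this example.

```python
from dataclasses import dataclass, field

@dataclass
class AccessControlFunction:
    """Toy SFP enforcement point; rule names and ordering are assumptions."""
    audit_level: str = "basic"          # "minimal", "basic" or "detailed"
    audit_log: list = field(default_factory=list)

    def decide(self, subject, obj, operation):
        """Return (granted, rule_name, attributes_consulted)."""
        # Explicit denial: assumed here to override every other rule.
        if subject.get("suspended"):
            return False, "explicit-deny", {"subject.suspended": True}
        # Explicit authorisation: assumed here to bypass the general rule.
        if "auditor" in subject.get("groups", ()) and operation == "read":
            return True, "explicit-authorise", {"subject.groups": sorted(subject["groups"])}
        # General rule: clearance must dominate the label; writes also need ownership.
        used = {"subject.clearance": subject["clearance"], "object.label": obj["label"]}
        granted = subject["clearance"] >= obj["label"]
        if operation == "write":
            used["object.owner"] = obj["owner"]
            granted = granted and obj["owner"] == subject["id"]
        return granted, "attribute-rule", used

    def request(self, subject, obj, operation):
        granted, rule, used = self.decide(subject, obj, operation)
        # Minimal: successful requests only. Basic and Detailed: all requests.
        if granted or self.audit_level != "minimal":
            record = {"subject": subject["id"], "object": obj["id"],
                      "operation": operation, "granted": granted, "rule": rule}
            if self.audit_level == "detailed":
                record["attributes"] = used   # Detailed adds the attributes checked
            self.audit_log.append(record)
        return granted

# Constructed sample subjects and object (not from the standard).
ALICE = {"id": "alice", "clearance": 2, "groups": {"staff"}}
BOB = {"id": "bob", "clearance": 1, "groups": {"auditor"}}
MALLORY = {"id": "mallory", "clearance": 3, "groups": set(), "suspended": True}
REPORT = {"id": "report.doc", "label": 2, "owner": "alice"}

def replay(audit_level):
    """Run the same four requests at one audit level; return (results, log)."""
    acf = AccessControlFunction(audit_level)
    requests = [(ALICE, "write"), (BOB, "read"), (BOB, "write"), (MALLORY, "read")]
    results = [acf.request(s, REPORT, op) for s, op in requests]
    return results, acf.audit_log
```

Comparing replay("minimal") with replay("basic") shows that the Minimal level leaves no trace of the two denied requests, which matters when the audit trail is expected to reveal probing of protected objects.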