Family behaviour
This family defines the mechanisms for introduction of user data into the TOE such that it has appropriate security attributes and is appropriately protected. It is concerned with limitations on importation, determination of desired security attributes, and interpretation of security attributes associated with the user data.
Component levelling
This family contains two components to address the preservation of security attributes of imported user data for access control and information control policies.
Component FDP_ITC.1 Import of user data without security attributes requires that the security attributes correctly represent the user data and are supplied separately from the object.
Component FDP_ITC.2 Import of user data with security attributes requires that security attributes correctly represent the user data and are accurately and unambiguously associated with the user data imported from outside the TSC.
Management: FDP_ITC.1, FDP_ITC.2
The following actions could be considered for the management functions in FMT Management:
a) The modification of the additional control rules used for import.
Audit: FDP_ITC.1, FDP_ITC.2
The following events should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:
a) Minimal: Successful import of user data, including any security attributes.
b) Basic: All attempts to import user data, including any security attributes.
c) Detailed: The specification of security attributes for imported user data supplied by an authorised user.