User application notes
This component is used to specify that users and/or authorised users can read the audit records. These audit records will be provided in a manner appropriate to the user. There are different types of users (human users, machine users) that might have different needs.
The content of the audit records that can be viewed can be specified.
Operations
Assignment:
In FAU_SAR.1.1 the PP/ST author should specify the authorised users that can use this capability. If appropriate the PP/ST author may include security roles (see FMT_SMR.1 Security roles).
In FAU_SAR.1.1 the PP/ST author should specify the type of information the specified user is permitted to obtain from the audit records. Examples are "all", "subject identity", "all information belonging to audit records referencing this user".