FDP_ETC.2 Export of user data with security attributes
User application notes
The user data is exported together with its security attributes. The security attributes are unambiguously associated with the user data. There are several ways of achieving this association. One way that this can be achieved is by physically collocating the user data and the security attributes (e.g. the same floppy), or by using cryptographic techniques such as secure signatures to associate the attributes and the user data. FTP_ITC Inter-TSF trusted channel could be used to assure that the attributes are correctly received at the other Trusted IT Product while FPT_TDC Inter-TSF TSF data consistency can be used to make sure that those attributes are properly interpreted. Furthermore, FTP_TRP Trusted path could be used to make sure that the export is being initiated by the proper user.
Operations
Assignment:
In FDP_ETC.2.1, the PP/ST author should specify the access control SFP(s) and/or information flow control SFP(s) that will be enforced when exporting user data. The user data that this function exports is scoped by the assignment of these SFPs.
In FDP_ETC.2.4, the PP/ST author should specify any additional exportation control rules or "none" if there are no additional exportation control rules. These rules will be enforced by the TSF in addition to the access control SFPs and/or information flow control SFPs selected in FDP_ETC.2.1.