FDP_IFC.1 Subset information flow control
User application notes
This component requires that an information flow control policy apply to a subset of the possible operations in the TOE.
Operations
Assignment:
In FDP_IFC.1.1, the PP/ST author should specify a uniquely named information flow control SFP to be enforced by the TSF.
In FDP_IFC.1.1, the PP/ST author should specify the list of subjects, information, and operations which cause controlled information to flow to and from controlled subjects covered by the SFP. As mentioned above, the list of subjects could be at various levels of detail depending on the needs of the PP/ST author. It could specify users, machines, or processes for example. Information could refer to data such as email or network protocols, or more specific objects similar to those specified under an access control policy. If the information that is specified is contained within an object that is subject to an access control policy, then both the access control policy and information flow control policy must be enforced before the specified information could flow to or from the object.