FDP_IFF.6 Illicit Information Flow Monitoring
User application notes
This component should be used when it is desired that the TSF provide the ability to monitor the use of illicit information flows that exceed a specified capacity. If it is desired that such flows be audited, then this component could serve as the source of audit events to be used by components from the FAU_GEN Security audit data generation family.
Operations
Assignment:
In FDP_IFF.6.1 the PP/ST author should specify the information flow control SFPs enforced by the TSF. The name of the information flow control SFP, and the scope of control for that policy are defined in components from FDP_IFC.
In FDP_IFF.6.1 the PP/ST author should specify the types of illicit information flows that will be monitored for exceeding a maximum capacity.
In FDP_IFF.6.1 the PP/ST author should specify the maximum capacity above which illicit information flows will be monitored by the TSF.