FDP_ITT.2 Transmission separation by attribute
User application notes
This component could, for example, be used to provide different forms of protection to information with different clearance levels.
One of the ways to achieve separation of data when it is transmitted is through the use of separate logical or physical channels.
Operations
Assignment:
In FDP_ITT.2.1, the PP/ST author should specify the access control SFP(s) and/or information flow control SFP(s) covering the information being transferred.
Selection:
In FDP_ITT.2.1, the PP/ST author should specify the types of transmission errors that the TSF should prevent occurring for user data while in transport. The options are disclosure, modification, loss of use.
Assignment:
In FDP_ITT.2.2, the PP/ST author should specify the security attributes, the values of which the TSF will use to determine when to separate data that is being transmitted between physically-separated parts of the TOE. An example is that user data associated with the identity of one owner is transmitted separately from the user data associated with the identity of a different owner. In this case, the value of the identity of the owner of the data is what is used to determine when to separate the data for transmission.
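The owner-identity example above, sketched as separate logical channels (an added illustration, not part of the Common Criteria text). It assumes the owner identity is the separating attribute and that "modification" was the error selected in FDP_ITT.2.1; the names MASTER_KEY, channel_key, send and receive are hypothetical, and HMAC is used here as a simple per-owner key derivation.

```python
import hashlib
import hmac
import os

# Constructed for the example: a secret shared by the two separated TOE parts.
MASTER_KEY = os.urandom(32)


def channel_key(owner: str) -> bytes:
    """Derive an independent integrity key for each owner's logical channel."""
    return hmac.new(MASTER_KEY, b"channel:" + owner.encode(), hashlib.sha256).digest()


def send(owner: str, payload: bytes) -> dict:
    """Place user data on the channel selected by its owner attribute."""
    tag = hmac.new(channel_key(owner), payload, hashlib.sha256).digest()
    return {"channel": owner, "payload": payload, "tag": tag}


def receive(frame: dict, endpoint_owner: str) -> bytes:
    """Accept a frame only on the endpoint's own channel and only if unmodified."""
    if frame["channel"] != endpoint_owner:
        # Data of a different owner must never be delivered on this channel.
        raise PermissionError("frame belongs to another owner's channel")
    expected = hmac.new(
        channel_key(endpoint_owner), frame["payload"], hashlib.sha256
    ).digest()
    if not hmac.compare_digest(expected, frame["tag"]):
        # Covers both an altered payload and a frame relabelled from
        # another channel, since each channel has its own key.
        raise ValueError("frame failed the integrity check for this channel")
    return frame["payload"]
```

Because each channel has its own derived key, a frame moved from one owner's channel to another fails verification even when its channel label is rewritten.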