FDP_ITT.4     Attribute-based integrity monitoring

This component is used in combination with FDP_ITT.2. It ensures that the TSF checks received user data, that has been transmitted by separate channels (based on values of specified security attributes), for integrity. It allows the PP/ST author to specify actions to be taken upon detection of an integrity error.

For example, this component could be used to provide different integrity error detection and action for information at different integrity levels.

The PP/ST author has to specify the types of errors that must be detected. The PP/ST author should consider: modification of data, substitution of data, unrecoverable ordering change of data, replay of data, incomplete data, in addition to other integrity errors.

The PP/ST author should specify the attributes (and associated transmission channels) that necessitate integrity error monitoring

The PP/ST author must specify the actions that the TSF should take on detection of a failure. For example: ignore the user data, request the data again, inform the authorised administrator, reroute traffic for other lines.

Operations

Assignment:

In FDP_ITT.4.1, the PP/ST author should specify the access control SFP(s) and/or information flow control SFP(s) covering the information being transferred and monitored for integrity errors.

In FDP_ITT.4.1, the PP/ST author should specify the type of possible integrity errors to be monitored during transmission of the user data.

In FDP_ITT.4.1, the PP/ST author should specify a list of security attributes that require separate transmission channels. This list is used to determine which user data to monitor for integrity errors., based on its security attributes and its transmission channel. This element is directly related to FDP_ITT.2 Transmission separation by attribute./p>

In FDP_ITT.4.2, the PP/ST author should specify the action to be taken by the TSF when an integrity error is encountered. An example might be that the TSF should request the resubmission of the user data. The SFP(s) specified in FDP_ITT.3.1 will be enforced as the actions are taken by the TSF.