FMT_MSA.3 Static attribute initialisation
User application notes
This component requires that the TSF provide default values for relevant object security attributes, which can be overridden by an initial value. It may still be possible for a new object to have different security attributes at creation, if a mechanism exists to specify the permissions at time of creation.
Operations
Assignment:
In FMT_MSA.3.1,the PP/ST author should list the access control SFP or the information flow control SFP for which the security attributes are applicable.
Selection:
In FMT_MSA.3.1, the PP/ST author should select whether the default property of the access control attribute will be restrictive, permissive, or another property. In case of another property, the PP/ST author should refine this to a specific property.
Assignment:
In FMT_MSA.3.2 the PP/ST author should specify the roles that are allowed to modify the values of the security attributes. The possible roles are specified in FMT_SMR.1.