Foreword   Next

Part 2 Contents

(Part 1
 		 Introduction and General Model)
1 Scope
1.1 Extending and maintaining functional requirements
1.2 Organisation of CC Part 2
1.3 Functional requirements paradigm
2 Security functional components
2.1 Overview
2.1.1 Class structure
2.1.2 Family structure
2.1.3 Component structure
2.1.4 Permitted functional component operations
2.2 Component catalogue
2.2.1 Component changes highlighting
3 Class FAU: Security audit
3.1 Security audit automatic response (FAU_ARP)
3.2 Security audit data generation (FAU_GEN)
3.3 Security audit analysis (FAU_SAA)
3.4 Security audit review (FAU_SAR)
3.5 Security audit event selection (FAU_SEL)
3.6 Security audit event storage (FAU_STG)
4 Class FCO: Communication
4.1 Non-repudiation of origin (FCO_NRO)
4.2 Non-repudiation of receipt (FCO_NRR)
5 Class FCS: Cryptographic support
5.1 Cryptographic key management (FCS_CKM)
5.2 Cryptographic operation (FCS_COP)
6 Class FDP: User data protection
6.1 Access control policy (FDP_ACC)
6.2 Access control functions (FDP_ACF)
6.3 Data authentication (FDP_DAU)
6.4 Export to outside TSF control (FDP_ETC)
6.5 Information flow control policy (FDP_IFC)
6.6 Information flow control functions (FDP_IFF)
6.7 Import from outside TSF control (FDP_ITC)
6.8 Internal TOE transfer (FDP_ITT)
6.9 Residual information protection (FDP_RIP)
6.10 Rollback (FDP_ROL)
6.11 Stored data integrity (FDP_SDI)
6.12 Inter-TSF user data confidentiality transfer protection (FDP_UCT)
6.13 Inter-TSF user data integrity transfer protection (FDP_UIT)
7 Class FIA: Identification and authentication
7.1 Authentication failures (FIA_AFL)
7.2 User attribute definition (FIA_ATD)
7.3 Specification of secrets (FIA_SOS)
7.4 User authentication (FIA_UAU)
7.5 User identification (FIA_UID)
7.6 User-subject binding (FIA_USB)
8 Class FMT: Security management
8.1 Management of functions in TSF (FMT_MOF)
8.2 Management of security attributes (FMT_MSA)
8.3 Management of TSF data (FMT_MTD)
8.4 Revocation (FMT_REV)
8.5 Security attribute expiration (FMT_SAE)
8.6 Security management roles (FMT_SMR)
9 Class FPR: Privacy
9.1 Anonymity (FPR_ANO)
9.2 Pseudonymity (FPR_PSE)
9.3 Unlinkability (FPR_UNL)
9.4 Unobservability (FPR_UNO)
10 Class FPT: Protection of the TSF
10.1 Underlying abstract machine test (FPT_AMT)
10.2 Fail secure (FPT_FLS)
10.3 Availability of exported TSF data (FPT_ITA)
10.4 Confidentiality of exported TSF data (FPT_ITC)
10.5 Integrity of exported TSF data (FPT_ITI)
10.6 Internal TOE TSF data transfer (FPT_ITT)
10.7 TSF physical protection (FPT_PHP)
10.8 Trusted recovery (FPT_RCV)
10.9 Replay detection (FPT_RPL)
10.10 Reference mediation (FPT_RVM)
10.11 Domain separation (FPT_SEP)
10.12 State synchrony protocol (FPT_SSP)
10.13 Time stamps (FPT_STM)
10.14 Inter-TSF TSF data consistency (FPT_TDC)
10.15 Internal TOE TSF data replication consistency (FPT_TRC)
10.16 TSF self test (FPT_TST)
11 Class FRU: Resource utilisation
11.1 Fault tolerance (FRU_FLT)
11.2 Priority of service (FRU_PRS)
11.3 Resource allocation (FRU_RSA)
12 Class FTA: TOE access
12.1 Limitation on scope of selectable attributes (FTA_LSA)
12.2 Limitation on multiple concurrent sessions (FTA_MCS)
12.3 Session locking (FTA_SSL)
12.4 TOE access banners (FTA_TAB)
12.5 TOE access history (FTA_TAH)
12.6 TOE session establishment (FTA_TSE)
13 Class FTP: Trusted path/channels
13.1 Inter-TSF trusted channel (FTP_ITC)
13.2 Trusted path (FTP_TRP)
Annex A Security functional requirements application notes
A.1 Structure of the notes
A.1.1 Class structure
A.1.2 Family structure
A.1.3 Component structure
A.2 Dependency table
Annex B Functional classes, families, and components
Annex C Security audit (FAU)
C.1 Security audit automatic response (FAU_ARP)
C.2 Security audit data generation (FAU_GEN)
C.3 Security audit analysis (FAU_SAA)
C.4 Security audit review (FAU_SAR)
C.5 Security audit event selection (FAU_SEL)
C.6 Security audit event storage (FAU_STG)
Annex D Communication (FCO)
D.1 Non-repudiation of origin (FCO_NRO)
D.2 Non-repudiation of receipt (FCO_NRR)
Annex E Cryptographic support (FCS)
E.1 Cryptographic key management (FCS_CKM)
E.2 Cryptographic operation (FCS_COP)
Annex F User data protection (FDP)
F.1 Access control policy (FDP_ACC)
F.2 Access control functions (FDP_ACF)
F.3 Data authentication (FDP_DAU)
F.4 Export to outside TSF control (FDP_ETC)
F.5 Information flow control policy (FDP_IFC)
F.6 Information flow control functions (FDP_IFF)
F.7 Import from outside TSF control (FDP_ITC)
F.8 Internal TOE transfer (FDP_ITT)
F.9 Residual information protection (FDP_RIP)
F.10 Rollback (FDP_ROL)
F.11 Stored data integrity (FDP_SDI)
F.12 Inter-TSF user data confidentiality transfer protection (FDP_UCT)
F.13 Inter-TSF user data integrity transfer protection (FDP_UIT)
Annex G Identification and authentication (FIA)
G.1 Authentication failures (FIA_AFL)
G.2 User attribute definition (FIA_ATD)
G.3 Specification of secrets (FIA_SOS)
G.4 User authentication (FIA_UAU)
G.5 User identification (FIA_UID)
G.6 User-subject binding (FIA_USB)
Annex H Security management (FMT)
H.1 Management of functions in TSF (FMT_MOF)
H.2 Management of security attributes (FMT_MSA)
H.3 Management of TSF data (FMT_MTD)
H.4 Revocation (FMT_REV)
H.5 Security attribute expiration (FMT_SAE)
H.6 Security management roles (FMT_SMR)
Annex I Privacy (FPR)
I.1 Anonymity (FPR_ANO)
I.2 Pseudonymity (FPR_PSE)
I.3 Unlinkability (FPR_UNL)
I.4 Unobservability (FPR_UNO)
Annex J Protection of the TSF (FPT)
J.1 Underlying abstract machine test (FPT_AMT)
J.2 Fail secure (FPT_FLS)
J.3 Availability of exported TSF data (FPT_ITA)
J.4 Confidentiality of exported TSF data (FPT_ITC)
J.5 Integrity of exported TSF data (FPT_ITI)
J.6 Internal TOE TSF data transfer (FPT_ITT)
J.7 TSF physical protection (FPT_PHP)
J.8 Trusted recovery (FPT_RCV)
J.9 Replay detection (FPT_RPL)
J.10 Reference mediation (FPT_RVM)
J.11 Domain separation (FPT_SEP)
J.12 State synchrony protocol (FPT_SSP)
J.13 Time stamps (FPT_STM)
J.14 Inter-TSF TSF data consistency (FPT_TDC)
J.15 Internal TOE TSF data replication consistency (FPT_TRC)
J.16 TSF self test (FPT_TST)
Annex K Resource utilisation (FRU)
K.1 Fault tolerance (FRU_FLT)
K.2 Priority of service (FRU_PRS)
K.3 Resource allocation (FRU_RSA)
Annex L TOE access (FTA)
L.1 Limitation on scope of selectable attributes (FTA_LSA)
L.2 Limitation on multiple concurrent sessions (FTA_MCS)
L.3 Session locking (FTA_SSL)
L.4 TOE access banners (FTA_TAB)
L.5 TOE ccess history (FTA_TAH)
L.6 TOE session establishment (FTA_TSE)
Annex M Trusted path/channels (FTP)
M.1 Inter-TSF trusted channel (FTP_ITC)
M.2 Trusted path (FTP_TRP)
 
(Part 3: 		 
Security assurance requirements)
 


Foreword   Next