Joint task force transformation initiative




  AC-4 (1) | Information Flow Enforcement | Object Security Attributes

FDP_IFC.2 | Information Flow Control Policy | Complete Information Flow Control
  AC-3 | Access Enforcement
  AC-3 (3) | Access Enforcement | Mandatory Access Control
  AC-4 | Information Flow Enforcement

FDP_IFF.1 | Information Flow Control Functions | Simple Security Attributes
  AC-3 | Access Enforcement
  AC-3 (3) | Access Enforcement | Mandatory Access Control
  AC-4 | Information Flow Enforcement
  AC-4 (1) | Information Flow Enforcement | Object Security Attributes
  AC-4 (2) | Information Flow Enforcement | Processing Domains
  AC-4 (7) | Information Flow Enforcement | One-Way Flow Mechanisms
  AC-16 | Security Attributes
  SC-7 | Boundary Protection

FDP_IFF.2 | Information Flow Control Functions | Hierarchical Security Attributes
  AC-3 | Access Enforcement
  AC-3 (3) | Access Enforcement | Mandatory Access Control
  AC-4 (1) | Information Flow Enforcement | Object Security Attributes
  AC-16 | Security Attributes

FDP_IFF.3 | Information Flow Control Functions | Limited Illicit Information Flows
  SC-31 | Covert Channel Analysis
  SC-31 (2) | Covert Channel Analysis | Maximum Bandwidth

FDP_IFF.4 | Information Flow Control Functions | Partial Elimination of Illicit Information Flows
  SC-31 | Covert Channel Analysis
  SC-31 (2) | Covert Channel Analysis | Maximum Bandwidth

FDP_IFF.5 | Information Flow Control Functions | No Illicit Information Flows
  SC-31 | Covert Channel Analysis
  SC-31 (2) | Covert Channel Analysis | Maximum Bandwidth

FDP_IFF.6 | Information Flow Control Functions | Illicit Information Flow Monitoring
  SC-31 | Covert Channel Analysis
  SI-4 (18) | Information System Monitoring | Analyze Traffic / Covert Exfiltration

FDP_ITC.1 | Import from Outside of the TOE | Import of User Data without Security Attributes
  AC-4 (9) | Information Flow Enforcement | Human Reviews
  AC-4 (12) | Information Flow Enforcement | Data Type Identifiers

FDP_ITC.2 | Import from Outside of the TOE | Import of User Data with Security Attributes
  AC-4 (18) | Information Flow Enforcement | Security Attribute Binding
  AC-16 | Security Attributes
  SC-16 | Transmission of Security Attributes

FDP_ITT.1 | Internal TOE Transfer | Basic Internal Transfer Protection
  SC-8 | Transmission Confidentiality and Integrity
  SC-8 (1) | Transmission Confidentiality and Integrity | Cryptographic or Alternate Physical Protection
  SC-5 | Denial of Service Protection

FDP_ITT.2 | Internal TOE Transfer | Transmission Separation by Attribute
  SC-8 | Transmission Confidentiality and Integrity
  SC-8 (1) | Transmission Confidentiality and Integrity | Cryptographic or Alternate Physical Protection
  SC-5 | Denial of Service Protection
  AC-4 (21) | Information Flow Enforcement | Physical / Logical Separation of Information Flows

FDP_ITT.3 | Internal TOE Transfer | Integrity Monitoring
  SI-7 | Software, Firmware, and Information Integrity
  SI-7 (1) | Software, Firmware, and Information Integrity | Integrity Checks
  SC-8 (1) | Transmission Integrity | Cryptographic or Alternate Physical Protection
  SI-7 (5) | Software, Firmware, and Information Integrity | Automated Response to Integrity Violations

FDP_ITT.4 | Internal TOE Transfer | Attribute-Based Integrity Monitoring
  SI-7 | Software, Firmware, and Information Integrity
  SI-7 (1) | Software, Firmware, and Information Integrity | Integrity Checks
  SC-8 (1) | Transmission Integrity | Cryptographic or Alternate Physical Protection
  AC-4 (21) | Information Flow Enforcement | Physical / Logical Separation of Information Flows
  SI-7 (5) | Software, Firmware, and Information Integrity | Automated Response to Integrity Violations

FDP_RIP.1 | Residual Information Protection | Subset Residual Information Protection
  SC-4 | Information in Shared Resources

FDP_RIP.2 | Residual Information Protection | Full Residual Information Protection
  SC-4 | Information in Shared Resources

FDP_ROL.1 | Rollback | Basic Rollback
  CP-10 (2) | Information System Recovery and Reconstitution | Transaction Recovery

FDP_ROL.2 | Rollback | Advanced Rollback
  CP-10 (2) | Information System Recovery and Reconstitution | Transaction Recovery

FDP_SDI.1 | Stored Data Integrity | Stored Data Integrity Monitoring
  SI-7 | Software, Firmware, and Information Integrity
  SI-7 (1) | Software, Firmware, and Information Integrity | Integrity Scans

FDP_SDI.2 | Stored Data Integrity | Stored Data Integrity Monitoring and Action
  SI-7 | Software, Firmware, and Information Integrity
  SI-7 (1) | Software, Firmware, and Information Integrity | Integrity Scans
  SI-7 (5) | Software, Firmware, and Information Integrity | Automated Response to Integrity Violations

FDP_UCT.1 | Inter-TSF User Data Confidentiality Transfer Protection | Basic Data Exchange Confidentiality
  SC-8 | Transmission Confidentiality and Integrity
  SC-8 (1) | Transmission Confidentiality and Integrity | Cryptographic or Alternate Physical Protection

FDP_UIT.1 | Inter-TSF User Data Integrity Transfer Protection | Data Exchange Integrity
  SC-8 | Transmission Confidentiality and Integrity
  SC-8 (1) | Transmission Confidentiality and Integrity | Cryptographic or Alternate Physical Protection
  SI-7 | Software, Firmware, and Information Integrity
  SI-7 (6) | Software, Firmware, and Information Integrity | Cryptographic Protection

FDP_UIT.2 | Inter-TSF User Data Integrity Transfer Protection | Source Data Exchange Recovery
  No Mapping.

FDP_UIT.3 | Inter-TSF User Data Integrity Transfer Protection | Destination Data Exchange Recovery
  No Mapping.

FIA_AFL.1 | Authentication Failure | Authentication Failure Handling
  AC-7 | Unsuccessful Logon Attempts

FIA_ATD.1 | User Attribute Definition | User Attribute Definition
  AC-2 | Account Management
  IA-2 | Identification and Authentication (Organizational Users)

FIA_SOS.1 | Specification of Secrets | Verification of Secrets
  IA-5 | Authenticator Management
  IA-5 (1) | Authenticator Management | Password-Based Authentication
  IA-5 (12) | Authenticator Management | Biometric Authentication

FIA_SOS.2 | Specification of Secrets | TSF Generation of Secrets
  IA-5 | Authenticator Management
  IA-5 (1) | Authenticator Management | Password-Based Authentication
  IA-5 (12) | Authenticator Management | Biometric Authentication

FIA_UAU.1 | User Authentication | Timing of Authentication
  AC-14 | Permitted Actions without Identification or Authentication
  IA-2 | Identification and Authentication (Organizational Users)
  IA-8 | Identification and Authentication (Non-Organizational Users)

FIA_UAU.2 | User Authentication | User Authentication Before Any Action
  AC-14 | Permitted Actions without Identification or Authentication
  IA-2 | Identification and Authentication (Organizational Users)
  IA-8 | Identification and Authentication (Non-Organizational Users)

FIA_UAU.3 | User Authentication | Unforgeable Authentication
  IA-2 (8) | Identification and Authentication (Organizational Users) | Network Access To Privileged Accounts - Replay Resistant
  IA-2 (9) | Identification and Authentication (Organizational Users) | Network Access To Non-Privileged Accounts - Replay Resistant

FIA_UAU.4 | User Authentication | Single-Use Authentication Mechanisms
  IA-2 (8) | Identification and Authentication (Organizational Users) | Network Access To Privileged Accounts - Replay Resistant
  IA-2 (9) | Identification and Authentication (Organizational Users) | Network Access To Non-Privileged Accounts - Replay Resistant

FIA_UAU.5 | User Authentication | Multiple Authentication Mechanisms
  IA-2 (1) | Identification and Authentication (Organizational Users) | Network Access To Privileged Accounts
  IA-2 (2) | Identification and Authentication (Organizational Users) | Network Access To Non-Privileged Accounts
  IA-2 (3) | Identification and Authentication (Organizational Users) | Local Access To Privileged Accounts
  IA-2 (4) | Identification and Authentication (Organizational Users) | Local Access To Non-Privileged Accounts
  IA-2 (6) | Identification and Authentication (Organizational Users) | Network Access To Privileged Accounts - Separate Device
  IA-2 (7) | Identification and Authentication (Organizational Users) | Network Access To Non-Privileged Accounts - Separate Device
  IA-2 (11)
