The WLAN Access System 1.0 will be modified as follows. Text that is bolded indicates added content. Text that has a strikethrough indicates removed content.
In Section "1.1 Overview":
A TOE that conforms to a Protection Profile Configuration (PP-Configuration) containing this PP-Module must be a ‘Distributed TOE’ as defined in the NDcPP. The expectation for this PP-Module is that a WLAN AS must include a controller and one or more access points (APs).
A TOE that conforms to a Protection Profile Configuration (PP-Configuration) containing this PP-Module can either be a standalone or distributed TOE as defined in the NDcPP. For distributed TOEs, the expectation for this PP-Module is that a WLAN AS is composed of a single controller and one or more access points (APs).
In Section "1.4 Use Cases":
[USE CASE 1] Standalone Device
The TOE is a standalone network device that serves as a single network endpoint that provides connectivity to wireless clients.
[USE CASE 2] Distributed System
In Section "5.1.1 Modified SFRs":
The SFRs listed in this section are defined in the NDcPP and relevant to the secure operation of the TOE.
5.1.1.1 Security Audit (FAU)
FAU_GEN_EXT.1 Security Audit Generation
FAU_GEN_EXT.1.1
This is specified as a selection-based SFR in the Base-PP but is mandatory for any TOE that claims conformance to this PP-Module because a conformant TOE will always be distributed. Therefore, it will always be required for each TOE component to generate its own audit records.
FAU_STG_EXT.1 Protected Audit Event Storage
Application Note: This SFR is modified to restrict selections in FAU_STG_EXT.1.2 to a subset of the available options to account for the TOE being distributed.
FAU_STG_EXT.1.1
The TSF shall be able to transmit the generated audit data to an external IT entity using a trusted channel according to FTP_ITC.1.
FAU_STG_EXT.1.2
The TSF shall be able to store generated audit data on the TOE itself. In addition [selection: The TOE shall be a distributed TOE that stores audit data on the following TOE components: [assignment: identification of TOE components], The TOE shall be a distributed TOE with storage of audit data provided externally for the following TOE components: [assignment: list of TOE components that do not store audit data locally and the other TOE components to which they transmit their generated audit data] ].
FAU_STG_EXT.1.3
The TSF shall [selection: drop new audit data, overwrite previous audit records according to the following rule: [assignment: rule for overwriting previous audit records], [assignment: other action] ] when the local storage space for audit data is full.
FAU_STG_EXT.4 Protected Local Audit Event Storage for Distributed TOEs
FAU_STG_EXT.4.1
This is specified as a selection-based SFR in the Base-PP but is mandatory for any TOE that claims conformance to this PP-Module because a conformant TOE will always be distributed. Therefore, it will always be required for each TOE component to appropriately protect its own audit records.
5.1.1.2 Communication (FCO)
FCO_CPC_EXT.1 Component Registration Channel Definition
FCO_CPC_EXT.1.1
This is specified as a selection-based SFR in the Base-PP but is mandatory for any TOE that claims conformance to this PP-Module because a conformant TOE will always be distributed. Therefore, it will always be required for a Security Administrator to enable communications between any pair of TOE components before such communication can take place.
FCO_CPC_EXT.1.2
This is specified as a selection-based SFR in the Base-PP but is mandatory for any TOE that claims conformance to this PP-Module because a conformant TOE will always be distributed. Therefore, it will always be required that each component establish and use a communications channel that uses a secure channel requirement or no channel.
5.1.1.3 Cryptographic Support (FCS) Modified SFRs
In Section "5.3 TOE Security Functional Requirements Rationale":
O.AUTHENTICATION | FCO_CPC_EXT.1 (from Base-PP) | FCO_CPC_EXT.1 supports the objective by requiring the TSF to implement a mechanism that authenticates its distributed components to each other.
O.SYSTEM_MONITORING | FAU_GEN.1/WLAN | FAU_GEN.1/WLAN supports the objective by requiring the TSF to generate audit records for security-relevant WLAN behavior.
O.SYSTEM_MONITORING | FAU_GEN_EXT.1 (modified from Base-PP) | FAU_GEN_EXT.1 supports the objective by requiring the TSF to generate appropriate security-relevant auditable events on each of its distributed components.
O.SYSTEM_MONITORING | FAU_STG_EXT.1 (modified from Base-PP) | FAU_STG_EXT.1 supports the objective by defining how distributed TOE components store their generated audit records.
In Section "6.1.4 Consistency of Requirements":
Modified SFRs
FAU_GEN_EXT.1 This PP-Module does not modify the Base-PP SFR; it only mandates the inclusion of the SFR because a conformant TOE will always require this functionality that is only conditional in the Base-PP.
FAU_STG_EXT.1 This PP-Module modifies a Base-PP SFR by restricting the selection options to a subset of those defined in the Base-PP.
FAU_STG_EXT.4 This PP-Module does not modify the Base-PP SFR; it only mandates the inclusion of the SFR because a conformant TOE will always require this functionality that is only conditional in the Base-PP.
FCO_CPC_EXT.1 This PP-Module does not modify the Base-PP SFR; it only mandates the inclusion of the SFR because a conformant TOE will always require this functionality that is only conditional in the Base-PP.
FCS_COP.1/DataEncryption