TD0745: Corrections to FIA_AUT_EXT.1 Tests
Publication Date
2023.06.14
Protection Profiles
MOD_EDR_V1.0
Other References
FAU_AUT_EXT.1, MOD_EDR_V1.0-SD
Issue Description
The Test Assurance Activities for FIA_AUT_EXT.1 in the PP-Module for Endpoint Detection and Response Version 1.0 have the following issues: • Test 1 is conditional but its reason for being conditional does not use wording from the SFR. • Test 1 uses the wording “with strictly unanimous authentication for those enabled” which does not match any functional expectations define within the SFR wording • Test 2 should have the second sentence deleted because the SFR does not allow for additional platform-based factors Resolution
Test 1 and Test 2 for FAU_AUT_EXT.1.1 in the MOD_EDR_V1.0 SD are modified as follows, withhighlighted strikethroughs denoting deletions: Test 1: Conditional: If "provide the following authentication mechanisms" is selected, the evaluator shall create an account with a username and password, verifying that login authentication is case-sensitive. If additional factors are provided, each factor shall be tested for login access with strictly unanimous authentication for those enabled. The evaluator shall verify that login access is granted for correct credentials and denied in cases of incorrect credentials across available factors. Test 2: Conditional: If "leverage the platform" is selected, the evaluator shall create an account following the platform rules. If additional factors are provided, each factor shall be tested for login access with strictly unanimous authentication for those enabled. The evaluator shall verify that login access is granted for correct credentials and denied in cases of incorrect credentials across available factors. Justification
See issue description. |