Archived
TD0799: MOD_WIDS Updates for CC Conformance
Publication Date
2023.11.13
Protection Profiles
MOD_WIDS_V1.0
Other References
FAU_SAA.1.2, FMT_SMF.1/WIDS
Issue Description
An ACE work unit assessment uncovered issues with FAU_SAA.1.2 and FMT_SMF.1/WIDS regarding showing assignment completions and refinements. Resolution
This TD has been superseded by TD0806 on 19 Dec 2023 and is now archived. FAU_SAA.1.2 (as modified by TD0558) in MOD_WIDS_V1.0 is updated as follows, with green underlined highlighting denoting additions (adding brackets to show completed assignment): FAU_SAA.1.2 The TSF shall enforce the following rules for monitoring wireless traffic: a. Accumulation or combination of [assignment: subset of defined auditable events] known to indicate a potential security violation, b. [Detection of non-allowlisted AP, ... ae. [assignment: any other rules]]. FNT_SMF.1/WIDS is updated as follows, with green underlined highlighting denoting additions (bolding of "for WIDS functionality and italicizing of first 6 bullets): FMT_SMF.1.1/WIDS The TSF shall be capable of performing the following management functions for WIDS functionality: [ - Define an inventory of authorized APs based on [selection: MAC addresses, [assignment: other unique device identifier]], - Define an inventory of authorized EUDs based on MAC addresses, - Define rules for monitoring and alerting on the wireless traffic, - Define authorized SSID(s), - Define authorized WLAN authentication schemes, - Define authorized WLAN encryption schemes, ... ]]. Justification
See issue description. |