Объединенная экспертная группа по инициативе преобразования



страница41/48
Дата09.05.2018
Размер6.15 Mb.
1   ...   37   38   39   40   41   42   43   44   ...   48

AC-4(1)

Information Flow Enforcement

Object Security Attributes

FDP_IFC.2

Information Flow Control Policy

Complete Information Flow Control



AC-3

Access Enforcement

AC-3(3)

Access Enforcement

Mandatory Access Control

AC-4

Information Flow Enforcement


FDP_IFF.1

Information Flow Control Functions

Simple Security Attributes



AC-3

Access Enforcement

AC-3(3)

Access Enforcement

Mandatory Access Control

AC-4

Information Flow Enforcement

AC-4(1)

Information Flow Enforcement

Object Security Attributes

AC-4(2)

Information Flow Enforcement

Processing Domains

AC-4(7)

Information Flow Enforcement

One-Way Flow Mechanisms

AC-16

Security Attributes

SC-7

Boundary Protection

FDP_IFF.2

Information Flow Control Functions

Hierarchical Security Attributes



AC-3

Access Enforcement

AC-3(3)

Access Enforcement

Mandatory Access Control

AC-4(1)

Information Flow Enforcement

Object Security Attributes

AC-16

Security Attributes

FDP_IFF.3

Information Flow Control Functions

Limited Illicit Information Flows



SC-31

Covert Channel Analysis

SC-31(2)

Covert Channel Analysis

Maximum Bandwidth

FDP_IFF.4

Information Flow Control Functions

Partial Elimination of Illicit Information Flows



SC-31

Covert Channel Analysis

SC-31(2)

Covert Channel Analysis

Maximum Bandwidth

FDP_IFF.5

Information Flow Control Functions

No Illicit Information Flows



SC-31

Covert Channel Analysis

SC-31(2)

Covert Channel Analysis

Maximum Bandwidth

FDP_IFF.6

Information Flow Control Functions

Illicit Information Flow Monitoring



SC-31

Covert Channel Analysis

SI-4(18)

Information System Monitoring

Analyze Traffic / Covert Exfiltration

FDP_ITC.1

Import from Outside of the TOE

Import of User Data without Security Attributes



AC-4(9)

Information Flow Enforcement

Human Reviews

AC-4(12)

Information Flow Enforcement

Data Type Identifiers

FDP_ITC.2

Import from Outside of the TOE

Import of User Data with Security Attributes



AC-4(18)

Information Flow Enforcement

Security Attribute Binding

AC-16

Security Attributes

SC-16

Transmission of Security Attributes

FDP_ITT.1

Internal TOE Transfer

Basic Internal Transfer Protection



SC-8

Transmission Confidentiality and Integrity

SC-8(1)

Transmission Confidentiality and Integrity

Cryptographic or Alternate Physical Protection

SC-5

Denial of Service Protection

FDP_ITT.2

Internal TOE Transfer

Transmission Separation by Attribute



SC-8

Transmission Confidentiality and Integrity

SC-8(1)

Transmission Confidentiality and Integrity

Cryptographic or Alternate Physical Protection

SC-5

Denial of Service Protection

AC-4(21)

Information Flow Enforcement

Physical / Logical Separation of Information Flows

FDP_ITT.3

Internal TOE Transfer

Integrity Monitoring



SI-7

Software, Firmware, and Information Integrity

SI-7(1)

Software, Firmware, and Information Integrity

Integrity Checks

SC-8(1)

Transmission Integrity

Cryptographic or Alternate Physical Protection

SI-7(5)

Software, Firmware, and Information Integrity

Automated Response to Integrity Violations


FDP_ITT.4

Internal TOE Transfer

Attribute-Based Integrity Monitoring



SI-7

Software, Firmware, and Information Integrity

SI-7(1)

Software, Firmware, and Information Integrity

Integrity Checks

SC-8(1)

Transmission Integrity

Cryptographic or Alternate Physical Protection

AC-4(21)

Information Flow Enforcement

Physical / Logical Separation of Information Flows

SI-7(5)

Software, Firmware, and Information Integrity

Automated Response to Integrity Violations


FDP_RIP.1

Residual Information Protection

Subset Residual Information Protection




SC-4

Information in Shared Resources

FDP_RIP.2

Residual Information Protection

Full Residual Information Protection




SC-4

Information in Shared Resources

FDP_ROL.1

Rollback

Basic Rollback



CP-10(2)

Information System Recovery and Reconstitution

Transaction Recovery

FDP_ROL.2

Rollback

Advanced Rollback



CP-10(2)

Information System Recovery and Reconstitution

Transaction Recovery

FDP_SDI.1

Stored Data Integrity

Stored Data Integrity Monitoring



SI-7

Software, Firmware, and Information Integrity

SI-7(1)

Software, Firmware, and Information Integrity

Integrity Scans

FDP_SDI.2

Stored Data Integrity

Stored Data Integrity Monitoring and Action



SI-7

Software, Firmware, and Information Integrity

SI-7(1)

Software, Firmware, and Information Integrity

Integrity Scans

SI-7(5)

Software, Firmware, and Information Integrity

Automated Response to Integrity Violations

FDP_UCT.1

Inter-TSF User Data Confidentiality Transfer Protection

Basic Data Exchange Confidentiality



SC-8

Transmission Confidentiality and Integrity

SC-8(1)

Transmission Confidentiality and Integrity

Cryptographic or Alternate Physical Protection

FDP_UIT.1

Inter-TSF User Data Integrity Transfer Protection

Data Exchange Integrity



SC-8

Transmission Confidentiality and Integrity

SC-8(1)

Transmission Confidentiality and Integrity

Cryptographic or Alternate Physical Protection

SI-7

Software, Firmware, and Information Integrity

SI-7(6)

Software, Firmware, and Information Integrity

Cryptographic Protection

FDP_UIT.2

Inter-TSF User Data Integrity Transfer Protection

Source Data Exchange Recovery



No Mapping.

FDP_UIT.3

Inter-TSF User Data Integrity Transfer Protection

Destination Data Exchange Recovery



No Mapping.

FIA_AFL.1

Authentication Failure

Authentication Failure Handling



AC-7

Unsuccessful Logon Attempts

FIA_ATD.1

User Attribute Definition

User Attribute Definition



AC-2

Account Management

IA-2

Identification and Authentication (Organizational Users)

FIA_SOS.1

Specification of Secrets

Verification of Secrets



IA-5

Authenticator Management

IA-5(1)

Authenticator Management

Password-Based Authentication



IA-5(12)

Authenticator Management

Biometric Authentication



FIA_SOS.2

Specification of Secrets

TSF Generation of Secrets



IA-5

Authenticator Management

IA-5(1)

Authenticator Management

Password-Based Authentication



IA-5(12)

Authenticator Management

Biometric Authentication



FIA_UAU.1

User Authentication

Timing of Authentication



AC-14

Permitted Actions without Identification or Authentication

IA-2

Identification and Authentication (Organizational Users)

IA-8

Identification and Authentication (Non-Organizational Users)

FIA_UAU.2

User Authentication

User Authentication Before Any Action



AC-14

Permitted Actions without Identification or Authentication

IA-2

Identification and Authentication (Organizational Users)

IA-8

Identification and Authentication (Non-Organizational Users)

FIA_UAU.3

User Authentication

Unforgeable Authentication



IA-2(8)

Identification and Authentication (Organizational Users)

Network Access To Privileged Accounts - Replay Resistant

IA-2(9)

Identification and Authentication (Organizational Users)

Network Access To Non-Privileged Accounts - Replay Resistant

FIA_UAU.4

User Authentication

Single-Use Authentication Mechanisms



IA-2(8)

Identification and Authentication (Organizational Users)

Network Access To Privileged Accounts - Replay Resistant

IA-2(9)

Identification and Authentication (Organizational Users)

Network Access To Non-Privileged Accounts - Replay Resistant

FIA_UAU.5

User Authentication

Multiple Authentication Mechanisms



IA-2(1)

Identification and Authentication (Organizational Users)

Network Access To Privileged Accounts



IA-2(2)

Identification and Authentication (Organizational Users)

Network Access To Non-Privileged Accounts





IA-2(3)

Identification and Authentication (Organizational Users)

Local Access To Privileged Accounts



IA-2(4)

Identification and Authentication (Organizational Users)

Local Access To Non-Privileged Accounts



IA-2(6)

Identification and Authentication (Organizational Users)

Network Access To Privileged Accounts - Separate Device



IA-2(7)

Identification and Authentication (Organizational Users)

Network Access To Non-Privileged Accounts - Separate Device



IA-2(11)



Поделитесь с Вашими друзьями:
1   ...   37   38   39   40   41   42   43   44   ...   48


База данных защищена авторским правом ©vossta.ru 2019
обратиться к администрации

    Главная страница