|
988 | 988 | <consistency-rationale/> |
989 | 989 | <f-element id="fau-stg-1e1"> |
990 | 990 | <title>The TSF shall be able to<selectables> |
991 | | - <selectable><h:mark>store audit data on the TOE itself</h:mark></selectable> |
992 | | - <selectable><h:mark>transmit audit data to an external IT entity using a trusted |
993 | | - channel in accordance with FTP_ITC_EXT.1</h:mark></selectable> |
| 991 | + <selectable>store audit data on the TOE itself</selectable> |
| 992 | + <selectable>transmit audit data to an external IT entity using a trusted |
| 993 | + channel in accordance with FTP_ITC_EXT.1</selectable> |
994 | 994 | <selectable id="sel-fau-stg-1e1-removable">write audit data to removable media |
995 | 995 | under administratie control in accordance with FIA_UIA_EXT.</selectable></selectables> |
996 | 996 | </title> |
|
1000 | 1000 | channel must be selected in FTP_ITC_EXT.1. <h:p/> |
1001 | 1001 | The ST Author selects "<h:i>removable media</h:i>" if the TOE supports offload of audit data using |
1002 | 1002 | removable media such as thumb drives or disks. Note that the CSfC Use Case prohibits the |
1003 | | - use of removable media.<h:mark>(Issue 71)</h:mark> |
| 1003 | + use of removable media. |
1004 | 1004 | </note> |
1005 | 1005 | <aactivity level="element"> |
1006 | 1006 | <TSS> |
|
6607 | 6607 | <note role="application"> |
6608 | 6608 | <h:mark>The purpose of this requirement is to prevent hammering attacks from avoiding triggering the |
6609 | 6609 | actions in FIA_AFL_EXT.1.5 by rebooting the system in order to zero the authentication |
6610 | | - failure count. This purpise is achieved by default if the minimum reboot time of the system |
| 6610 | + failure count. This purpose is achieved by default if the minimum reboot time of the system |
6611 | 6611 | is greater than the timeout penalty specified in FIA_AFL_EXT.1.5.<h:p/> |
6612 | 6612 | If the actions specified in FIA_AFL_EXT.1.5 are device wipe or a non-time-limited lockout, or if |
6613 | 6613 | the minimum reboot time is shorter than the specified lockout time, then |
|
6887 | 6887 | The TSF shall provide [<h:i>password and |
6888 | 6888 | <selectables> |
6889 | 6889 | <selectable id="sel-fia-uau-5-x509">X.509 certificate-based authentication</selectable> |
6890 | | - <selectable id="sel-fia-uau-5-ssh">SSH-based authentication</selectable> |
| 6890 | + <selectable id="sel-fia-uau-5-ssh"><h:mark>SSH-based public key, password, or certificate authentication</h:mark></selectable> |
6891 | 6891 | <selectable>biometric authentication</selectable> |
6892 | 6892 | <selectable exclusive="yes">no other authentication mechanism</selectable> |
6893 | 6893 | </selectables></h:i>] to support user authentication.<h:mark>See Issue 67</h:mark> |
|
7790 | 7790 | </aactivity> |
7791 | 7791 | </f-element> |
7792 | 7792 | <audit-event type="optional"> |
7793 | | - <audit-event-descr>Detection of intrusion.<h:mark>Made this optional (Issue 51)</h:mark></audit-event-descr> |
| 7793 | + <audit-event-descr>Detection of intrusion.</audit-event-descr> |
7794 | 7794 | <audit-event-info>None.</audit-event-info> |
7795 | 7795 | </audit-event> |
7796 | 7796 | </f-component> |
|
7854 | 7854 | </aactivity> |
7855 | 7855 | </f-element> |
7856 | 7856 | <audit-event type="optional"> |
7857 | | - <audit-event-descr>Detection of intrusion.<h:mark>Made this optional (Issue 51)</h:mark></audit-event-descr> |
| 7857 | + <audit-event-descr>Detection of intrusion.</audit-event-descr> |
7858 | 7858 | <audit-event-info>None.</audit-event-info> |
7859 | 7859 | </audit-event> |
7860 | 7860 | </f-component> |
|
0 commit comments