Open
Description
Two items on A.CONNECTIVITY for consideration:
- Where the assumption says the TOE relies on network connectivity "to carry out its management functions," it's ambiguous what these functions are. It is possible to interpret this assumption as referring to network availability for the MDM server, which could include server-side availability mechanisms such as failover protection or distributed denial of service protection. But section 5.3 only maps this assumption to OE.WIRELESS_NETWORK, which is an objective placed on the mobile devices that a wireless network is available to a mobile device (presumably because this is needed for MDM policies to be communicated down to the devices).
It is recommended either that A.CONNECTIVITY be updated to be more narrowly drawn (e.g. it is assumed that if a mobile device has wireless network connectivity, it will be able to communicate with the MDM server), or, if the intent is for A.CONNECTIVITY to be interpreted more broadly, another OE objective should be defined that is related to availability of the server. In this scenario, connectivity would have two dimensions: the ability for the mobile device to connect to a network, and then if the mobile device is on a network, the ability for the mobile device to access the MDM server because the server itself is up and running on its own network.
- The second sentence of A.CONNECTIVITY is "The TOE will robustly handle instances when connectivity is unavailable or unreliable." This is defining TOE behavior, which is inconsistent with the intent of how assumptions are to be used in the CC. This sentence should either be removed entirely or updated not to discuss anything the TOE is doing.