Joint task force transformation initiative

Download 5.8 Mb.

Page	170/186
Date	31.01.2017
Size	5.8 Mb.
	#13082

1 ... 166 167 168 169 170 171 172 173 ... 186

Note: The content of Table H-3, the mapping from the functional and assurance requirements in ISO/IEC 15408 (Common Criteria) to the security controls in Special Publication 800-53, is unaffected by the changes above.
Table H-3 provides a generalized mapping from the functional and assurance requirements in ISO/IEC 15408 (Common Criteria) to the security controls in Special Publication 800-53. The table represents an informal correspondence between security requirements and security controls (i.e., the table is not intended to determine whether the ISO/IEC 15408 security requirements are fully, partially, or not satisfied by the associated security controls). However, the table can serve as a beneficial starting point for further correspondence analysis. Organizations are cautioned that satisfying ISO/IEC 15408 security requirements for an particular evaluated and validated information technology product as represented by the presence of certain security controls from Appendix F, does not imply that such requirements have been satisfied throughout the entire information system (which may consist of multiple, integrated individual component products). Additional information explaining the specific mappings that appear in Table H-3 is available at the National Information Assurance Partnership (NIAP) website at: http://www.niap-ccevs.org.

TABLE H-3: MAPPING ISO/IEC 15408 TO NIST SP 800-53

ISO/IEC 15408 REQUIREMENTS		NIST SP 800-53 CONTROLS
*Functional Requirements*
FAU_ARP.1	Security Audit Automatic Response Security Alarms	AU-5	Response to Audit Processing Failures
		AU-5(1)	Response to Audit Processing Failures Audit Storage Capacity
		AU-5(2)	Response to Audit Processing Failures Real-Time Alerts
		AU-5(3)	Response to Audit Processing Failures Configurable Traffic Volume Thresholds
		AU-5(4)	Response to Audit Processing Failures Shutdown on Failure
		PE-6(2)	Monitoring Physical Access Automated Intrusion Recognition / Responses
		SI-3	Malicious Code Protection
		SI-3(8)	Malicious Code Protection Detect Unauthorized Commands
		SI-4(5)	Information System Monitoring System-Generated Alerts
		SI-4(7)	Information Systems Monitoring Automated Response to Suspicious Events
		SI-4(22)	Information Systems Monitoring Unauthorized Network Services
		SI-7(2)	Software, Firmware, and Information Integrity Automated Notifications of Integrity Violations
		SI-7(5)	Software, Firmware, and Information Integrity Automated Response to Integrity Violations
		SI-7(8)	Software, Firmware, and Information Integrity Auditing Capability for Significant Events
FAU_GEN.1	Security Audit Data Generation Audit Data Generation	AU-2	Audit Events
		AU-3	Content of Audit Records
		AU-3(1)	Content of Audit Records Additional Audit Information
		AU-12	Audit Generation
FAU_GEN.2	Security Audit Data Generation User Identity Association	AU-3	Content of Audit Records
FAU_SAA.1	Security Audit Analysis Potential Violation Analysis	SI-4	Information System Monitoring
FAU_SAA.2	Security Audit Analysis Profile-Based Anomaly Detection	AC-2(12)	Account Management Account Monitoring / Atypical Usage
FAU_SAA.2	Security Audit Analysis Profile-Based Anomaly Detection	SI-4	Information System Monitoring
FAU_SAA.3	Security Audit Analysis Simple Attack Heuristics	SI-3(7)	Malicious Code Protection Non Signature-Based Protection
FAU_SAA.3	Security Audit Analysis Simple Attack Heuristics	SI-4	Information System Monitoring
FAU_SAA.4	Security Audit Analysis Complex Attack Heuristics	SI-3(7)	Malicious Code Protection Non Signature-Based Protection
FAU_SAA.4	Security Audit Analysis Complex Attack Heuristics	SI-4	Information System Monitoring
FAU_SAR.1	Security Audit Review Audit Review	AU-7	Audit Reduction and Report Generation
FAU_SAR.2	Security Audit Review Restricted Audit Review	AU-9(6)	Protection of Audit Information Read Only Access
FAU_SAR.3	Security Audit Review Selectable Audit Review	AU-7	Audit Reduction and Report Generation
		AU-7(1)	Audit Reduction and Report Generation Automatic Processing
		AU-7(2)	Audit Reduction and Report Generation Automatic Sort and Search
FAU_SEL.1	Security Audit Event Selection Selective Audit	AU-12	Audit Generation
FAU_STG.1	Security Audit Event Storage Protected Audit Trail Storage	AU-9	Protection of Audit Information
FAU_STG.2	Security Audit Event Storage Guarantees of Audit Data Availability	AU-9	Protection of Audit Information Alternate audit capability
FAU_STG.3	Security Audit Event Storage Action In Case of Possible Audit Data Loss	AU-5	Response to Audit Processing Failures
		AU-5(1)	Response to Audit Processing Failures Audit Storage Capacity
		AU-5(2)	Response To Audit Processing Failures Real-Time Alerts
		AU-5(4)	Response To Audit Processing Failures Shutdown on Failure
FAU_STG.4	Security Audit Event Storage Prevention of Audit Data Loss	AU-4	Audit Storage Capacity
		AU-5	Response to Audit Processing Failures
		AU-5(2)	Response To Audit Processing Failures Real-Time Alerts
		AU-5(4)	Response To Audit Processing Failures Shutdown on Failure
FCO_NRO.1	Non-Repudiation of Origin Selective Proof of Origin	AU-10	Non-Repudiation
		AU-10(1)	Non-Repudiation Association Of Identities
		AU-10(2)	Non-Repudiation Validate Binding of Information Producer Identity
FCO_NRO.2	Non-Repudiation of Origin Enforced Proof of Origin	AU-10	Non-Repudiation
		AU-10(1)	Non-Repudiation Association Of Identities
		AU-10(2)	Non-Repudiation Validate Binding of Information Producer Identity
FCO_NRR.1	Non-Repudiation of Receipt Selective Proof of Receipt	AU-10	Non-Repudiation
		AU-10(1)	Non-Repudiation Association Of Identities
		AU-10(2)	Non-Repudiation Validate Binding of Information Producer Identity
FCO_NRR.2	Non-Repudiation of Receipt Enforced Proof of Receipt	AU-10	Non-Repudiation
		AU-10(1)	Non-Repudiation Association Of Identities
		AU-10(2)	Non-Repudiation Validate Binding of Information Producer Identity
FCS_CKM.1	Cryptographic Key Management Cryptographic Key Generation	SC-12	Cryptographic Key Establishment and Management
FCS_CKM.2	Cryptographic Key Management Cryptographic Key Distribution	SC-12	Cryptographic Key Establishment and Management
FCS_CKM.3	Cryptographic Key Management Cryptographic Key Access	SC-12	Cryptographic Key Establishment and Management
FCS_CKM.4	Cryptographic Key Management Cryptographic Key Destruction	SC-12	Cryptographic Key Establishment and Management
FCS_COP.1	Cryptographic Operation Cryptographic Operation	SC-13	Cryptographic Protection
FDP_ACC.1	Access Control Policy Subset Access Control	AC-3	Access Enforcement
		AC-3(3)	Access Enforcement Mandatory Access Control
		AC-3(4)	Access Enforcement Discretionary Access Control
		AC-3(7)	Access Enforcement Role-Based Access Control
FDP_ACC.2	Access Control Policy Complete Access Control	AC-3	Access Enforcement
		AC-3(3)	Access Enforcement Mandatory Access Control
		AC-3(4)	Access Enforcement Discretionary Access Control
		AC-3(7)	Access Enforcement Role-Based Access Control
FDP_ACF.1	Access Control Functions Security Attribute Based Access Control	AC-3	Access Enforcement
		AC-3(3)	Access Enforcement Mandatory Access Control
		AC-3(4)	Access Enforcement Discretionary Access Control
		AC-3(7)	Access Enforcement Role-Based Access Control
		AC-16	Security Attributes
		SC-16	Transmission of Security Attributes
FDP_DAU.1	Data Authentication Basic Data Authentication	SI-7	Software, Firmware, and Information Integrity
		SI-7(1)	Software, Firmware, and Information Integrity Integrity Checks
		SI-7(6)	Software, Firmware, And Information Integrity Cryptographic Protection
		SI-10	Information Input Validation
FDP_DAU.2	Data Authentication Data Authentication With Identity of Guarantor	SI-7	Software, Firmware, and Information Integrity
		SI-7(1)	Software, Firmware, and Information Integrity Integrity Checks
		SI-7(6)	Software, Firmware, And Information Integrity Cryptographic Protection
		SI-10	Information Input Validation
FDP_ETC.1	Export from the TOE Export of User Data without Security Attributes	No Mapping.
FDP_ETC.2	Export from the TOE Export of User Data with Security Attributes	AC-4(18)	Information Flow Enforcement Security Attribute Binding
		AC-16	Security Attributes
		AC-16(5)	Security Attributes Attribute Displays for Output Devices
		SC-16	Transmission of Security Attributes
FDP_IFC.1	Information Flow Control Policy Subset Information Flow Control	AC-3	Access Enforcement
		AC-3(3)	Access Enforcement Mandatory Access Control
		AC-4	Information Flow Enforcement

Directory: publications
publications -> Acm word Template for sig site
publications ->  Preparation of Papers for ieee transactions on medical imaging
publications -> Adjih, C., Georgiadis, L., Jacquet, P., & Szpankowski, W. (2006). Multicast tree structure and the power law
publications -> Swiss Federal Institute of Technology (eth) Zurich Computer Engineering and Networks Laboratory
publications -> Quantitative skills
publications -> Multi-core cpu and gpu implementation of Discrete Periodic Radon Transform and Its Inverse
publications -> List of Publications Department of Mechanical Engineering ucek, jntu kakinada
publications -> 1. 2 Authority 1 3 Planning Area 1
publications -> Sa michelson, 2011: Impact of Sea-Spray on the Atmospheric Surface Layer. Bound. Layer Meteor., 140 ( 3 ), 361-381, doi: 10. 1007/s10546-011-9617-1, issn: Jun-14, ids: 807TW, sep 2011 Bao, jw, cw fairall, sa michelson

Download 5.8 Mb.

Share with your friends:

1 ... 166 167 168 169 170 171 172 173 ... 186