Re: [2600] Question related to ALC_FLR
Hi all,
My view, as a CC lab in the UK scheme is this.
ALC_FLR is about what processes you have internal to the development, to
identify, track and resolve flaws in the product. This will be
important to those customers who want to be sure that you as a developer
do have processes in place to respond to flaws.
You are correct that implementing changes to a certified product will,
potentially, result in the certificate no longer being valid. This is
why CC has the Assurance Continuity process, which allows you to
classify (in conjunction with your CC lab or the Scheme) patches and
fixes as either Minor or Major. Minor means that there is no impact on
the security functionality, and these can be implemented without
affecting the certified status of the product. Major means that there
probably is some impact on the certification, then the Scheme will
decide whether any further evaluation work needs to be done to look at
the Major changes, before they too can be included in the certified
configuration.
This may be of more interest to Government clients who are particularly
concerned about having a certified device, as opposed to those who may
want to buy a product from someone known to produce certified devices,
but also to want the latest patches.
As an example, here is a link to an Assurance Maintenance report,
showing that the Scheme (in this case, the German Scheme) have assessed
the changes to be Minor in nature and, therefore, the certification
status remains valid.
<http://www.commoncriteriaportal.org/public/files/epfiles/0379-ma1.pdf>
The two processes are not mutually exclusive, so you can include FLR in
the evaluation, and also then enter Assurance Maintenance to maintain
the certification once the initial evaluation is complete.
Hope that helps!
Best regards
Simon
Simon Milford
Head of SiVenture
Unit 6
Cordwallis Park
Clivemont Road
Maidenhead
Berkshire
SL6 7BU
Tel: +44 (0)1628 651 366
Mob: +44 (0) 7881 918 199
Fax: +44 (0)1628 651 365
simon.milford@siventure.com
www.siventure.com
-----Original Message-----
From: UEDA Shigeru [mailto:ueda.shigeru@CANON.CO.JP]
Sent: 17 October 2007 01:17
To: STDS-2600@LISTSERV.IEEE.ORG
Subject: [2600] Question related to ALC_FLR
Hi
Can I have your opinion regarding ALC_FLR? ( because I have no idea how
to solve my problem )
As you know, ALC_FLR is the "Flaw remediation" which requires that
discovered security flaws be tracked and corrected by the developer.
However, once corrected, the TOE becomes to be different from the TOE
which was certified. this is my understanding.
So you will need to get certified again with the corrected TOE before
providing it to the customer.
However, ALC_FLR does not require this process.
Is that mean that we leave the risk that vendor provides un-certified
software when he corrected the security bug?
Or, do you (or NIAP) think that corrected TOE is still the certified one
?
Or should we ask vendor to get certified again with the corrected TOE
before providing it to the customer?
Regards.
Shigeru Ueda.
************************************************************************
**************
This e-mail is confidential, the property of NDS Ltd and intended for
the addressee only. Any dissemination, copying or distribution of this
message or any attachments by anyone other than the intended recipient
is strictly prohibited. If you have received this message in error,
please immediately notify the postmaster@nds.com and destroy the
original message. Messages sent to and from NDS may be monitored. NDS
cannot guarantee any message delivery method is secure or error-free.
Information could be intercepted, corrupted, lost, destroyed, arrive
late or incomplete, or contain viruses. We do not accept responsibility
for any errors or omissions in this message and/or attachment that arise
as a result of transmission. You should carry out your own virus checks
before opening any attachment. Any views or opinions presented are
solely those of the author and do not necessarily represent those of
NDS.
To protect the environment please do not print this e-mail unless
necessary.
NDS Limited Registered office: One Heathrow Boulevard, 286 Bath Road,
West Drayton, Middlesex, UB7 0DQ, United Kingdom. A company registered
in England and Wales Registered no. 3080780 VAT no. GB 603 8808 40-00
************************************************************************
**************
************************************************************************
*********************************
This e-mail is confidential, the property of NDS Ltd and intended for
the addressee only. Any dissemination, copying or distribution of this
message or any attachments by anyone other than the intended recipient
is strictly prohibited. If you have received this message in error,
please immediately notify the postmaster@nds.com and destroy the
original message. Messages sent to and from NDS may be monitored. NDS
cannot guarantee any message delivery method is secure or error-free.
Information could be intercepted, corrupted, lost, destroyed, arrive
late or incomplete, or contain viruses. We do not accept responsibility
for any errors or omissions in this message and/or attachment that arise
as a result of transmission. You should carry out your own virus checks
before opening any attachment. Any views or opinions presented are
solely those of the author and do not necessarily represent those of
NDS.
To protect the environment please do not print this e-mail unless
necessary.
NDS Limited Registered office: One Heathrow Boulevard, 286 Bath Road,
West Drayton, Middlesex, UB7 0DQ, United Kingdom. A company registered
in England and Wales Registered no. 3080780 VAT no. GB 603 8808 40-00
************************************************************************
**********************************
*********************************************************************************************************
This e-mail is confidential, the property of NDS Ltd and intended for the addressee only. Any dissemination, copying or distribution of this message or any attachments by anyone other than the intended recipient is strictly prohibited. If you have received this message in error, please immediately notify the postmaster@nds.com and destroy the original message. Messages sent to and from NDS may be monitored. NDS cannot guarantee any message delivery method is secure or error-free. Information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. We do not accept responsibility for any errors or omissions in this message and/or attachment that arise as a result of transmission. You should carry out your own virus checks before opening any attachment. Any views or opinions presented are solely those of the author and do not necessarily represent those of NDS.
To protect the environment please do not print this e-mail unless necessary.
NDS Limited Registered office: One Heathrow Boulevard, 286 Bath Road, West Drayton, Middlesex, UB7 0DQ, United Kingdom. A company registered in England and Wales Registered no. 3080780 VAT no. GB 603 8808 40-00
**********************************************************************************************************