Title: DBMS PP Extended Package – Access History DBMS PP Extended Package Abbreviation: AH Sponsor: DBMS Working Group / Technical Community CC Version: Common Criteria (CC) Version 3.1 R4
EP Version: 1.02
Publication Date: 23rd March, 2017
Keywords: database management system, DBMS PP, DBMS, COTS, access history
The base DBMS PP Security Problem Definition does not include a security objective relating to access history.
While many organizations do not specify this objective as part of their security problem definition, this additional security objective may need to be included in the security problem definition by some organizations in order to support further mitigation of the threats of T.ACCESS_TSFDATA, T.IA_MASQUERADE and T.TSF_COMPROMISE. This is achieved by allowing trained users to review their access history in order to help identify unauthorized access attempts.
This extended package supplements the DBMS PP by adding the TOE Security Objective O.ACCESS-HISTORY and the security functional requirement supporting that objective.
The DBMS PP Extended Package – Access History is part of the Database Management System Protection Profile framework defined in [DBMS PP] chapter 1.3. An ST author may optionally use this document specifying an extended package in addition to the DBMS base protection profile defined with [DBMS PP] chapters 3ff.
This section identifies the additional security objectives of the \<^cc_term>\<open>TOE\<close> and its supporting environment met by this extended package.
These security objectives identify the responsibilities of the cc_term>\<open>TOE\<close> and its environment in meeting the security problem definition (SPD).
The table below gives a summary of the policies, and threats relating to the TOE security objectives.
Security objectives coverage
Rationale for the Security objectives sufficiency
The table below gives the rationale for the TOE security objectives. In this extended package security objective O.ACCESS_HISTORY is supportive in reducing the threats T.ACCESS_TSFDATA, T.IA_MASQUERADE and T.TSF_COMPROMISE given in the base DBMS PP.
FTA_TAH_(EXT).1 TOE access information provides the requirement for a TOE to make available information related to attempts to establish a session.
Component levelling
FTA_TAH_(EXT).1 is not hierarchical to any other components. Management: FTA_TAH_(EXT).1
There are no management activities foreseen.
Audit: FTA_TAH_(EXT).1
There are no auditable events foreseen.
FTA_TAH_(EXT).1 TOE access information
Hierarchical to: No other components.
Dependencies: No dependencies.
FTA_TAH_(EXT).1.1
Upon a session establishment attempt, the TSF shall store
a. the [date and time] of the session establishment attempt of the user.
b. the incremental count of successive unsuccessful session establishment attempt(s).
FTA_TAH_(EXT).1.2
Upon successful session establishment, the TSF shall allow the [date and time] of
a. the previous last successful session establishment, and
b. the last unsuccessful attempt to session establishment and the number of unsuccessful attempts since the previous last successful session establishment
This section defines the functional requirements for the TOE that are amended or specified by this extended package.
Functional requirements in this extended package were drawn directly from Part 2 of the CC [1b], or were based on Part 2 of the CC, including the use of extended components. These requirements are relevant to supporting the secure operation of the TOE.
TOE Access (FTA)
FTA_TAH_(EXT).1 TOE access information FTA_TAH_(EXT).1.1
Upon a session establishment attempt, the TSF shall store
a. the [date and time] of the session establishment attempt of the user.
b. the incremental count of successive unsuccessful session establishment attempt(s).
FTA_TAH_(EXT).1.2
Upon successful session establishment, the TSF shall allow the [date and time] of
a. the previous last successful session establishment, and
b. the last unsuccessful attempt to session establishment and the number of unsuccessful attempts since the previous last successful session establishment
The following table provides the rationale for the selection of the security functional requirements. It traces each TOE security objective to the identified security functional requirements.