
Data Flows

In document Security in POS Systems (Pages 67-71)

3.5 SFRs

3.5.2 Data Flows

Compared to the PP, the components FDP_IFC.1 Subset Information Flow Control and FDP_IFF.1 Simple Security Attributes have now been assigned specific values to identify and define the Payment Application Data Flow Control SFP. Below, the elements with assignments are stated and described.

FDP_IFC.1.1 The TSF shall enforce the Payment Application Data Flow Control SFP on data flowing between the payment terminal and the POS application which causes information to flow into and out of the audit trail.

3.5. SFRS CHAPTER 3. ST

Class       Modification
FAU_GEN.1   Assignment, Iterated
FAU_GEN.2   Moved
FAU_SAR.1   Moved
FAU_SAR.2   Moved
FAU_STG.1   Moved
FCS_CKM.1   New
FCS_CKM.2   New
FCS_CKM.4   New
FCS_COP.1   New
FDP_IFC.1   Assignment
FDP_IFF.1   Assignment
FDP_ITT.1   New
FDP_ITT.3   New
FIA_UAU.2   Moved
FIA_UAU.6   Moved
FIA_UID.2   Moved
FMT_MOF.1   Assignment, Iterated
FMT_MSA.1   Assignment
FMT_MSA.2   New
FMT_MSA.3   Assignment
FMT_MTD.1   Assignment, Iterated
FMT_SMF.1   Assignment, Iterated
FMT_SMR.1   Moved, Assignment
FPT_ITT.1   New
FPT_STM.1   Moved
FTA_SSL.1   Moved
FTA_SSL.2   Moved
FTP_ITC.1   New

Table 3.5: Modifications to SFRs relative to the PP.

Now it is explicitly stated that the Payment Application Data Flow Control SFP shall be enforced on the data flows between the payment terminal and the POS application. All identified data flows included in the SFP are described in section 3.2.4.


FDP_IFF.1.1 The TSF shall enforce the Payment Application Data Flow Control SFP based on the following types of subject and information security attributes:

a) Type of input/output device used in the data flow.

b) Role of user creating and receiving the data.

c) Type and sensitivity of the data.

d) Media in which the data flows.

e) Possible threat agents.

Here it is stated that the Payment Application Data Flow Control SFP shall be enforced on the basis of a threat analysis based on the listed security attributes.

FDP_IFF.1.2 The TSF shall permit an information flow between a controlled subject and controlled information via a controlled operation if the following rules hold:

a) A threat analysis of the input/output device data flow is carried out.

b) and the following countermeasures to achieve the desired high level of protection for the data flow are implemented:

1) Secure authentication between the payment application and client ensuring correct authorization of the end points.

2) Encryption of the data flow using 3DES or AES ensuring the confidentiality and integrity of the data.

This functional element states that a data flow can only be allowed if a threat analysis of the data flow has been conducted and countermeasures ensuring a high level of protection of the data flow are implemented. The threat analysis conducted in section B.2.4 concluded that a high level of protection is needed due to the sensitivity of the data.

Therefore, the TOE shall be able to provide mutual authentication between the PA and PAC, ensuring that the PAC is communicating with the authentic PA. Furthermore, the data flow shall be encrypted using 3DES or AES with appropriate key lengths.

In order to secure the data flows, a trusted channel between the PA and PAC shall be implemented. To achieve this, the class FTP Trusted Path/Channel is examined. This class provides the family FTP_ITC Inter-TSF Trusted Channel, which defines requirements for the creation of a trusted channel for secure communication.

When the trusted channel is established, communication between the PA and PAC will be considered as internal TOE transfer instead of inter-TSF transfer [3]. To further strengthen the requirements on the security of the data flows, the components FDP_ITT.1 Basic Internal Transfer Protection and FPT_ITT Internal TOE Data Transfer are introduced, as both user and TSF data are transferred in the trusted channel. FDP_ITT.1 enforces the Payment Application Data Flow Control SFP to prevent modification and disclosure of user data transferred between the PA and PAC. FPT_ITT.1 protects TSF data from disclosure and modification when data is transmitted between the PA and the PAC.

[3] See figure 1.2 [CC204] p. 4.

As the trusted channel makes use of cryptographic functions to secure communication, cryptographic support must be implemented. The class FCS Cryptographic Support provides this. It contains the two families FCS_CKM Cryptographic Key Management and FCS_COP Cryptographic Operation.

FCS_COP.1 Cryptographic Operation is used to define which cryptographic operations the TOE shall support in order to implement encryption of the data flows and mutual authentication of the PA and PAC. It states that the TLS protocol shall be used to implement these functions with one of the following TLS cipher suites as described in [DA99] and [Cho02]:

a) TLS_RSA_WITH_3DES_EDE_CBC_SHA,

b) TLS_RSA_WITH_AES_128_CBC_SHA, or

c) TLS_RSA_WITH_AES_256_CBC_SHA.

FCS_COP.1 has dependency on FCS_CKM.1 Cryptographic Key Generation and FCS_CKM.4 Cryptographic Key Destruction.

FCS_CKM.1 requires that the TOE shall generate cryptographic keys in accordance with a Secure Hash Standard (SHS) based random number generation as specified in FIPS 186 [U.S00] appendix 3 or an equivalent SHS based algorithm. Symmetric key sizes must be in accordance with the ones specified in FCS_COP.1 above.

FCS_CKM.4 requires that the TOE shall destroy cryptographic keys using any FIPS 140 level 1 validated key destruction method.

As keys are exchanged between the PA and the PAC, a cryptographic key distribution method shall be stated. FCS_CKM.2 Cryptographic Key Distribution requires that cryptographic keys shall be distributed using RSA based key exchange, given by the TLS cipher suites, complying with FIPS 140.

FCS_COP.1, FCS_CKM.1, FCS_CKM.2, and FCS_CKM.4 all have dependency on FMT_MSA.2 Secure Security Attributes which is described in section 3.5.5.

To ensure integrity of the data flows, the component FDP_ITT.3 Integrity Monitoring is implemented. It requires the TOE to enforce the Payment Application Data Flow Control SFP to monitor the transmitted data for cryptographic integrity errors. If errors are detected, an attempt shall be made to resend the data a specified number of times before alerting the administrator.
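The FDP_ITT.3 behaviour described above (detect a cryptographic integrity error on a received record, resend a specified number of times, then alert the administrator), as an added example that is not from the Security Target or the thesis. It assumes HMAC-SHA256 as a stand-in for the record MAC of the TLS channel, a constructed fixed key in place of the session key, three resends as the "specified number of times", and a constructed channel that corrupts the first N records:

```python
import hmac
import hashlib
from dataclasses import dataclass
from typing import Callable, List, Optional
# Assumptions (not from the ST): HMAC-SHA256 stands in for the TLS record MAC, a
# fixed constructed key replaces the session key, and three resends is the
# "specified number of times" that FDP_ITT.3 leaves open.
MAC_KEY = b"constructed-demo-key-not-for-production"
MAX_RESENDS = 3
TAG_LEN = 32
ADMIN_ALERTS: List[str] = []  # stand-in for the administrator alert

def protect(payload: bytes) -> bytes:
    """PA side: append a MAC tag so the PAC can detect modification in transit."""
    return payload + hmac.new(MAC_KEY, payload, hashlib.sha256).digest()

def verify(record: bytes) -> Optional[bytes]:
    """PAC side: return the payload if the tag verifies, None on an integrity error."""
    payload, tag = record[:-TAG_LEN], record[-TAG_LEN:]
    expected = hmac.new(MAC_KEY, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, expected) else None

@dataclass
class TransferResult:
    delivered: bool
    attempts: int
    integrity_errors: int
    admin_alerted: bool

def transfer_with_monitoring(payload: bytes, channel: Callable[[bytes], bytes],
                             max_resends: int = MAX_RESENDS) -> TransferResult:
    """FDP_ITT.3: check each record for an integrity error, resend up to max_resends times, then alert."""
    errors = 0
    for attempt in range(1, max_resends + 2):  # first send plus max_resends resends
        if verify(channel(protect(payload))) is not None:
            return TransferResult(True, attempt, errors, False)
        errors += 1
    ADMIN_ALERTS.append(f"integrity error persisted over {attempt} attempts; transfer aborted")
    return TransferResult(False, attempt, errors, True)

def flaky_channel(corrupt_first: int) -> Callable[[bytes], bytes]:
    """Constructed channel that flips one payload bit in the first N records."""
    sent = [0]
    def send(record: bytes) -> bytes:
        sent[0] += 1
        if sent[0] <= corrupt_first:  # simulated tampering or line noise
            return record[:3] + bytes([record[3] ^ 0x01]) + record[4:]
        return record
    return send
```

A real TOE would take the MAC failure from the TLS record layer rather than from a hand-rolled tag, but the resend counter and the alert threshold are the part of FDP_ITT.3 the ST leaves to the implementation.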
