8.2. Security Requirements Rationale
8.2.1. Security Functional Requirements Rationale Reason for the adoption of security functional requirements FDP_MTD.1 and FDP_SOS.1
Requirement : The control of security function and the validation of secret for IT environment
are executed in TOE security functional requirements
TSF is necessary to protect the HDD lock password used for the identification and authentication
from being changed so that OE.HDD can correctly execute the identification and authentication,
therefore, TOE security functional requirements are required.
HDD lock password is the secret of IT environment as well as the TSF data of HDD for IT
environment. They are the user data in terms of the TOE. However they have practically a
characteristic of TSF data that only the administrator handles because the data controls the
security function for IT environment. Such data cannot be handled by the FMT/FIA class of TOE
and is not the target access control for the general user.
In case that the management of this data is handled in FDP_ACC/FDP_ACF, the permitted
condition cannot be written (due to permission at all times) because the corresponding subject is
only the administrator. Moreover the HDD lock password cannot be handled by the FIA class
because it is “secret of IT environment”. Therefore, newly the functional requirements with
management characteristic is required to be defined in the FDP class.
These TOE security functional requirements are created following as FMT_MTD.1, FIA_SOS.1
of the management requirements. Correspondence between security objectives policies and IT security functional
Requirements shows the correspondence relation of the TOE security functional requirements to
the security objectives policies.