Provide the location of the issue
FAU_STG_EXT.1.3, 1.6.
What is the correction request for the cPP? Please describe.
FAU_STG_EXT.1.3 states that “The TSF shall maintain a [selection: log file, database, buffer, [assignment: other local logging method]] of audit records in the event that an interruption of communication with the remote audit server occurs.”
This SFR requires local records of some type but does not explain what needs to happen to those records: are they required to be re-transmitted or be accessible in some other way?
After some extensive thinking on that, it now seems possible that the PP authors considered multiple ways of making local logs available to the administrator, and the selection options in FAU_STG_EXT.1.3 are designed to provide those various means of access:
Buffer - if the TOE is going to retransmit local records
Log File - if the TOE allows export of those log files
Database - if the TOE allows local display of audit records
But there is no explicit requirement to mandate any of this.
Describe the solution you'd like
It needs to be made clear in the SFR language or application note:
If access to local logs is required at all.
If there is a general requirement for re-transmission of all local audit records.
Are there different access methods, and is the TOE required to support at least one of them?
In case of re-transmission - is the TOE required to attempt to re-establish the connection to the remote audit server?
My preference would be to mandate at least display of local logs or export of local logs, with optional, but recommended, re-transmission.
Describe alternatives you've considered
An alternative interpretation would be that the ST author can select "local log file" in FAU_STG_EXT.1.3, then select 'None' in FAU_STG_EXT.1.6 "The TSF shall provide the following mechanisms for administrative access to locally stored audit records [ none,]"
This way, the administrator or evaluator has no access to local logs whatsoever, posing troubles in usage and evaluation, but seemingly satisfying the requirement language (see #291).