NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0786:  Update to FDP_SBX_EXT.1.1 Assurance Activities

Publication Date

Protection Profiles

Other References

Issue Description

The test for FDP_SBX_EXT.1.1 was designed to work with outdated plugin architecture that is no longer aligned to modern web browsers.


The test under FDP_SBX_EXT.1.1 in PP_APP_WEBBROWSER_EP_V2.0 has been modified as follows, with green highlighted and underlined text indicating additions and red highlighted text with strikethrough indicating deletions:



The evaluator shall perform the following test on each platform claimed in the ST:

  • Test 1: The evaluator shall execute a form of mobile code within an HTML page that contains instructions to modify or delete a file from the file system and verify that the file is not modified for deleted.The evaluator shall inject shell code into a running browser rendering process. The shell code will be designed to modify or create a file on the system. The evaluator shall verify that the file was not modified as the browser process sandbox should not have permission to modify user or system files.

See issue description.

Site Map              Contact Us              Home