|Subject:||Security Attributes Include Attributes of Information and Resources|
|CC Part #1 Reference:||CC Part 1, Section 2.3|
|CC Part #2 Reference:|
|CC Part #3 Reference:|
There is a discrepancy between the definition of "Security attribute" in CC Part 1 and the use of the term in other portions of the CC, where security attributes are referred to in the context of information and resources.
The term "security attribute" also applies to security-related characteristics associated with information (under an information flow policy) and resources.
In order to address this interpretation, the following changes are made to CC v2.1, Part 1:
· Reword Subclause 2.3, paragraph 46 as follows:
Security attribute - Characteristics of subjects, users, objects, information, and/or resources that are used for the enforcement of the TSP.
No additional rationale required, the interpretation speaks for itself.