Nortel Networks 7.11, 7.05 manual Security Audit, Cryptographic Support, User Data Protection


Security Target, Version 3.9

March 18, 2008

Nortel VPN Router: Each of the logical components contained within the physical Nortel VPN Router is included within the TOE boundary. These components are:

o Nortel VPN Switch Software

o VxWorks OS

o Contivity Hardware Appliance.

Nortel VPN Client Workstation: The Nortel VPN Client software is part of the TOE but the underlying OS and hardware are excluded from the TOE boundary.

The TOE’s logical boundary includes all of the TOE Security Functions (TSFs). The Security Functional Requirements (SFRs) implemented by the TOE are usefully grouped under the following Security Function Classes:

FAU: Security Audit

FCS: Cryptographic Support

FDP: User Data Protection

FIA: Identification and Authentication

FMT: Security Management

FPT: Protection of the TOE Security Functions

FTP: Trusted Path/Channels

These functions are discussed in greater detail below.

2.3.2.1 Security Audit

The Security Audit function provides the generation and viewing of audit records. The TOE generates five categories of audit data:

Accounting Log: contains information about user activities.

Security Log: contains information about security relevant activities.

Configuration Log: contains information about configuration relevant activities.

System Log: contains information about system relevant activities.

Event Log: contains the last 2000 log entries of all activities.

Audit data is generated by the TOE and stored locally as flat files on internal storage. The TOE controls access to the audit data, and direct access to these flat files by the TOE administrator is not possible. The TOE supports automatic backup and archiving of the logs.

TOE users assigned to the appropriate user roles may read audit records but do not have write access. The audit data is presented to TOE users in a manner suitable for human readability.

2.3.2.2 Cryptographic Support

The TOE implements and utilizes cryptographic algorithms and various other security algorithms in order to protect information being transferred between physically separated parts of the TOE. These algorithms include Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), RSA (Rivest, Shamir, and Adleman), and Diffie-Hellman; Secure Hash Algorithm (SHA-1) and Keyed-Hash Message Authentication Code (HMAC)-SHA-1 for hashing; and FIPS 140-2 key zeroization for key destruction.

2.3.2.3 User Data Protection

The TOE enforces the Access Control Security Functional Policy (SFP) on TOE subjects, objects, and operations. The architecture of the TOE ensures that all operations between objects and subjects are regulated by the TOE based upon the privilege criteria defined in the Access Control SFP.

The TOE enforces the VPN Information Flow Control (IFC) SFP and the Firewall IFC SFP through the use of IPSec. The IPSec protocol ensures confidentiality of communications between remote Nortel VPN Clients and

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 13 of 67

© 2008 Nortel Networks