Nortel Networks 7.11, 7.05 manual Table of Contents

Page 3

Security Target, Version 3.9March 18, 2008

Table of Contents

REVISION HISTORY

2

TABLE OF CONTENTS

3

TABLE OF FIGURES

4

TABLE OF TABLES

4

1

SECURITY TARGET INTRODUCTION

5

 

1.1

PURPOSE

5

 

1.2

SECURITY TARGET, TOE AND CC IDENTIFICATION AND CONFORMANCE

5

 

1.3

CONVENTIONS, ACRONYMS, AND TERMINOLOGY

6

 

1.3.1

Conventions

6

 

1.3.2

Terminology

6

2

TOE DESCRIPTION

8

 

2.1

PRODUCT TYPE

8

 

2.2

PRODUCT DESCRIPTION

8

 

2.3

TOE BOUNDARIES AND SCOPE

10

 

2.3.1

Physical Boundary

10

 

2.3.2

Logical Boundary

11

 

2.3.3

Excluded TOE Functionality

15

3

TOE SECURITY ENVIRONMENT

16

 

3.1

ASSUMPTIONS

16

 

3.2

THREATS TO SECURITY

16

 

3.2.1

Threats Addressed by the TOE

17

 

3.2.2

Threats Addressed by the TOE Environment

17

4

SECURITY OBJECTIVES

18

 

4.1

SECURITY OBJECTIVES FOR THE TOE

18

 

4.2

SECURITY OBJECTIVES FOR THE ENVIRONMENT

19

 

4.2.1

IT Security Objectives

19

 

4.2.2

Non-IT Security Objectives

19

5

IT SECURITY REQUIREMENTS

20

 

5.1

TOE SECURITY FUNCTIONAL REQUIREMENTS

20

 

5.1.1

Class FAU: Security Audit

22

 

5.1.2

Class FCS: Cryptographic Support

24

 

5.1.3

Class FDP: User Data Protection

27

 

5.1.4

Class FIA: Identification and Authentication

31

 

5.1.5

Class FMT: Security Management

33

 

5.1.6

Class FPT: Protection of the TSF

37

 

5.1.7

Class FTP: Trusted Path/Channels

38

 

5.2

SECURITY FUNCTIONAL REQUIREMENTS ON THE IT ENVIRONMENT

39

 

5.3

ASSURANCE REQUIREMENTS

41

6

TOE SUMMARY SPECIFICATION

42

 

6.1

TOE SECURITY FUNCTIONS

42

 

6.1.1

Security Audit

43

 

6.1.2

Cryptographic Support

45

 

6.1.3

User Data Protection

46

 

6.1.4

Identification and Authentication

47

 

6.1.5

Security Management

47

 

6.1.6

Protection of the TOE Security Functions

48

 

6.1.7

Trusted Path/Channels

49

 

6.2

TOE SECURITY ASSURANCE MEASURES

49

 

 

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 3 of 67

 

 

 

© 2008 Nortel Networks

 

Image 3
Contents Nortel Networks Corsec Security, Inc Version Modification Date Modified By Description of Changes Revision HistoryTable of Contents Rationale Table of FiguresTable of Tables Protection Profile ClaimsST, TOE, and CC Identification and Conformance Security Target IntroductionPurpose Security Target, TOE and CC Identification and ConformanceTerminology Conventions, Acronyms, and TerminologyConventions TerminologyPrimary Admin password TOE Description Product TypeProduct Description Branch Office Deployment Configuration of the TOE Physical Boundary TOE Boundaries and ScopeTOE Environment Logical BoundaryEnterprise WorldSecurity Audit Cryptographic SupportUser Data Protection Trusted Path/Channels Identification and AuthenticationSecurity Management Protection of the TOE Security FunctionsExcluded TOE Functionality TOE Security Environment AssumptionsThreats to Security Threats Addressed by the TOE Environment Threats Addressed by the TOESecurity Objectives for the TOE Security ObjectivesOE.TIME Security Objectives for the EnvironmentIT Security Objectives Non-IT Security ObjectivesST Operation IT Security RequirementsTOE Security Functional Requirements TOE Security Functional RequirementsDescription ST Operation Auditable Events Class FAU Security AuditFAUGEN.1 Audit Data Generation FAUSAR.1 Audit reviewDependencies FAUGEN.1 Audit data generation FCSCKM.4 Cryptographic key destruction Class FCS Cryptographic SupportFCSCKM.1a Cryptographic key generation Diffie-Hellman FCSCKM.1b Cryptographic key generation RSAFCSCOP.1b Cryptographic operation authentication FCSCOP.1d Cryptographic operation random number generationFCSCOP.1e Cryptographic operation hashing Security Target, Version March 18 FDPIFC.2a Complete information flow control VPN FDPACC.2 Complete access controlFDPACF.1 Security attribute based access control Class FDP User Data ProtectionFDPIFF.1a Simple security attributes VPN FDPIFC.2b Complete information flow control FirewallFDPIFF.1b Simple security attributes Firewall FDPUIT.1.1 FDPUCT.1 Basic data exchange confidentialityFDPUIT.1 Data exchange integrity FDPUCT.1.1FIAUID.2 User identification before any action Class FIA Identification and AuthenticationFIAUAU.1 Timing of authentication FIAUAU.5 Multiple authentication mechanismsDependencies No dependencies FMTMSA.1a Management of security attributes Class FMT Security ManagementFMTMOF.1a Management of security functions behaviour FMTMOF.1b Management of security functions behaviourFMTMSA.2.1 FMTMSA.1c Management of security attributesFMTMSA.2 Secure security attributes FMTMSA.3a Static attribute initialisationFMTSMR.1 Security roles FMTSMF.1 Specification of Management FunctionsFMTMSA.3b Static attribute initialisation FMTMSA.3c Static attribute initialisationFMTSMR.1.2 FPTRPL.1 Replay detection FPTAMT.1 Abstract machine testingFPTTST.1 TSF testing Class FPT Protection of the TSFFTPTRP.1.2 Class FTP Trusted Path/ChannelsFTPTRP.1 Trusted path FTPTRP.1.1FPTSTM.1 Reliable time stamps Security Functional Requirements on the IT EnvironmentFPTRVM.1 Non-bypassability of the TSP FPTSEP.1 TSF domain separationSecurity Target, Version 3.9March 18 Assurance Requirements Assurance ComponentsAssurance Requirements Description Function TOE Summary SpecificationTOE Security Functions TOE SecuritySecurity Log Configuration LogSecurity Audit Accounting LogsEvent Log System LogValidation Modules Fips 140-2 Certificate # Cryptographic SupportFips Validated Modules FIPS-Validated Cryptographic AlgorithmsUser Data Protection Security Management Identification and AuthenticationPower-Up Self-Tests Protection of the TOE Security FunctionsConditional Self-Tests Assurance Assurance Measure Component TOE Security Assurance MeasuresTrusted Path/Channels TOE Security Functional Requirements Satisfied FTPTRP.1Augmentation to EAL 4+ assurance level Protection Profile Reference Protection Profile ClaimsTOE Objectives Environmental Objectives Non-IT RationaleSecurity Objectives Rationale Relationship of Security Threats to ObjectivesHack Certificate OE.CERTIFICATE Security Functional Requirements RationaleObjectives Requirements Relationship of Security Requirements to ObjectivesEnv Functions and dataFMTMSA.3a,b,c Able to access such functionalityIntegrity Reject packets based on their attributesFunctional Requirements Dependencies Security Assurance Requirements RationaleRationale for Strength of Function Dependency RationaleFCSCOP.1 TOE Summary Specification Rationale Configuration Management Secure Delivery and OperationDevelopment Guidance Documentation Life Cycle Support DocumentsTests Vulnerability and TOE Strength of Function Analyses Strength of FunctionDoD AcronymsAcronyms Acronym DefinitionSHA