Security Target, Version 3.9 | March 18, 2008 |
|
|
6 TOE Summary Specification
This section presents information to detail how the TOE meets the functional and assurance requirements described in previous sections of this ST.
6.1 TOE Security Functions
Each of the security function descriptions is organized by the security requirements corresponding to the security function. Hence, each function is described by how it specifically satisfies each of its related requirements. This serves to both describe the security functions and rationalize that the security functions are suitable to satisfy the necessary requirements.
Table 7 - Mapping of TOE Security Functions to Security Functional Requirements
|
|
|
|
|
|
|
| TOE Security |
|
|
|
|
|
|
| SFR ID |
| Description |
| |
| Function |
|
|
| ||
|
|
|
|
|
| |
|
|
|
|
|
|
|
| Security Audit |
| FAU_GEN.1 |
| Audit Data Generation |
|
|
|
|
|
|
|
|
|
|
| FAU_SAR.1 |
| Audit Review |
|
|
|
|
|
|
|
|
| Cryptographic Support |
| FCS_CKM.1(a) |
| Cryptographic Key Generation |
|
|
|
|
|
|
|
|
|
|
| FCS_CKM.1(b) |
| Cryptographic Key Generation |
|
|
|
|
|
|
|
|
|
|
| FCS_CKM.4 |
| Cryptographic Key Destruction |
|
|
|
|
|
|
|
|
|
|
| FCS_COP.1(a) |
| Cryptographic Operation |
|
|
|
|
|
|
|
|
|
|
| FCS_COP.1(b) |
| Cryptographic Operation |
|
|
|
|
|
|
|
|
|
|
| FCS_COP.1(d) |
| Cryptographic Operation |
|
|
|
|
|
|
|
|
|
|
| FCS_COP.1(e) |
| Cryptographic Operation |
|
|
|
|
|
|
|
|
| User Data Protection |
| FDP_ACC.2 |
| Complete Access Control |
|
|
|
|
|
|
|
|
|
|
| FDP_ACF.1 |
| Security Attribute Based Access Control |
|
|
|
|
|
|
|
|
|
|
| FDP_IFC.2(a) |
| Complete Information Flow Control |
|
|
|
|
|
|
|
|
|
|
| FDP_IFC.2(b) |
| Complete Information Flow Control |
|
|
|
|
|
|
|
|
|
|
| FDP_IFF.1(a) |
| Simple Security Attributes |
|
|
|
|
|
|
|
|
|
|
| FDP_IFF.1(b) |
| Simple Security Attributes |
|
|
|
|
|
|
|
|
|
|
| FDP_UCT.1 |
| Basic Data Exchange Confidentiality |
|
|
|
|
|
|
|
|
|
|
| FDP_UIT.1 |
| Data Exchange Integrity |
|
|
|
|
|
|
|
|
| Identification and |
| FIA_UAU.1 |
| Timing of Authentication |
|
| Authentication |
|
|
|
|
|
|
| FIA_UAU.5 |
| Multiple Authentication Mechanisms |
| |
|
|
|
|
| ||
|
|
|
|
|
|
|
|
|
| FIA_UID.2 |
| User Identification Before any Action |
|
|
|
|
|
|
|
|
| Security Management |
| FMT_MOF.1(a) |
| Management of Security Functions Behavior |
|
|
|
|
|
|
|
|
|
|
| FMT_MOF.1(b) |
| Management of Security Functions Behavior |
|
|
|
|
|
|
|
|
|
|
| FMT_MSA.1(a) |
| Management of Security Attributes |
|
|
|
|
|
|
|
|
|
|
| FMT_MSA.1(b) |
| Management of Security Attributes |
|
|
|
|
|
|
|
|
|
|
| FMT_MSA.1(c) |
| Management of Security Attributes |
|
|
|
|
|
|
|
|
|
|
| FMT_MSA.2 |
| Secure Security Attributes |
|
|
|
|
|
|
|
|
|
|
| FMT_MSA.3(a) |
| Static Attribute Initialization |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Nortel VPN Router v7.05 and Client Workstation v7.11 |
| Page 42 of 67 |
© 2008 Nortel Networks