Nortel Networks 7.11, 7.05 manual Hack

Page 53

Security Target, Version 3.9March 18, 2008

T.AUTH-ERROR An authorized user may accidentally alter the configuration of a policy that permits or denies information flow through the TOE, thereby affecting the integrity of the transmitted information.

The TOE provide facilities to enable an authorized administrator to effectively manage the TOE and its security function, and ensures that only authorized administrators are able to access such functionality (O.ADMIN). The TOE provides functionality that enables testing of its correct functioning and integrity (O.TEST). Those responsible for the TOE train TOE users to establish and maintain sound security policies and practices (OE.TRAINED).

O.ADMIN, O.TEST, and OE.TRAINED combined ensure that this threat is removed.

T.DATA-MOD An attacker may intercept and alter the data transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel VPN Routers, in order to deceive the intended recipient.

The TOE protects itself from unauthorized modifications and access to its functions and data (O.SELFPROTECT). The TOE uses IPSec tunneling protocol to ensure confidentiality and integrity of data transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel VPN Routers (O.CONFIDENT & O.INTEGRITY). The TOE provides functionality that enables testing of its correct functioning and integrity (O.TEST). The TOE provides functionality that enables detection of replay attack and thus take action is a replay attack is detected (O.REPLAY).

O.SELFPROTECT, O.CONFIDENT, O.INTEGRITY, O.TEST, and O.REPLAY combined ensure that this threat is removed.

T. HACK-CRYPTO An attacker may successfully intercept and decrypt, then recover and modify the encrypted data that is in transit between the Nortel VPN Router and VPN Client, and/or between two Nortel VPN Routers.

The TOE protects itself from unauthorized modifications and access to its functions and data (O.SELFPROTECT). The TOE uses IPSec tunneling protocol to ensure confidentiality and integrity of data transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel VPN Routers (O.CONFIDENT & O.INTEGRITY). The TOE provides functionality that enables testing of its correct functioning and integrity (O.TEST). The TOE provides functionality that enables detection of replay attack and thus take action is a replay attack is detected (O.REPLAY).

O.SELFPROTECT, O.CONFIDENT, O.INTEGRITY, O.TEST, O.REPLAY combined ensure that this threat is removed.

T.HACK

An attacker may use malformed IP packets or similar attack methods against the TSF or

 

user data protected by the TOE in order to corrupt normal operation.

 

 

The TOE protects itself from unauthorized modifications and access to its functions and data

 

(O.SELFPROTECT). The TOE filters all incoming and outgoing packets that pass through it, and

 

accepts or rejects transmissions based on their attributes (O.FILTER). The environment ensures

 

that the required certificate infrastructure is provided so that the validity of certificates can be

 

verified. The TOE provides functionality that enables testing of its correct functioning and

 

integrity (O.TEST). The TOE provides functionality that enables detection of replay attack and

 

thus take action is a replay attack is detected (O.REPLAY). The Environment also ensures that

 

the chosen infrastructure is maintained so that certificates have their state accurately provided to

 

the TOE (OE.CERTIFICATE).

 

 

O.SELFPROTECT, O.FILTER, O.TEST, O.REPLAY, and OE.CERTIFICATE combined ensure

 

that this threat is removed.

 

 

 

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 53 of 67

 

© 2008 Nortel Networks

 

Page 52 Page 54
Image 53
Page 52 Page 54
Contents Nortel Networks Corsec Security, Inc Version Modification Date Modified By Description of Changes Revision HistoryTable of Contents Table of Tables Table of FiguresProtection Profile Claims RationalePurpose Security Target IntroductionSecurity Target, TOE and CC Identification and Conformance ST, TOE, and CC Identification and ConformanceConventions Conventions, Acronyms, and TerminologyTerminology TerminologyPrimary Admin password Product Description TOE DescriptionProduct Type Branch Office Deployment Configuration of the TOE Physical Boundary TOE Boundaries and ScopeTOE Environment Logical BoundaryEnterprise WorldUser Data Protection Security AuditCryptographic Support Security Management Identification and AuthenticationProtection of the TOE Security Functions Trusted Path/ChannelsExcluded TOE Functionality Threats to Security TOE Security EnvironmentAssumptions Threats Addressed by the TOE Environment Threats Addressed by the TOESecurity Objectives for the TOE Security ObjectivesIT Security Objectives Security Objectives for the EnvironmentNon-IT Security Objectives OE.TIMETOE Security Functional Requirements IT Security RequirementsTOE Security Functional Requirements ST OperationDescription ST Operation FAUGEN.1 Audit Data Generation Class FAU Security AuditFAUSAR.1 Audit review Auditable EventsDependencies FAUGEN.1 Audit data generation FCSCKM.1a Cryptographic key generation Diffie-Hellman Class FCS Cryptographic SupportFCSCKM.1b Cryptographic key generation RSA FCSCKM.4 Cryptographic key destructionFCSCOP.1e Cryptographic operation hashing FCSCOP.1b Cryptographic operation authenticationFCSCOP.1d Cryptographic operation random number generation Security Target, Version March 18 FDPACF.1 Security attribute based access control FDPACC.2 Complete access controlClass FDP User Data Protection FDPIFC.2a Complete information flow control VPNFDPIFF.1a Simple security attributes VPN FDPIFC.2b Complete information flow control FirewallFDPIFF.1b Simple security attributes Firewall FDPUIT.1 Data exchange integrity FDPUCT.1 Basic data exchange confidentialityFDPUCT.1.1 FDPUIT.1.1FIAUAU.1 Timing of authentication Class FIA Identification and AuthenticationFIAUAU.5 Multiple authentication mechanisms FIAUID.2 User identification before any actionDependencies No dependencies FMTMOF.1a Management of security functions behaviour Class FMT Security ManagementFMTMOF.1b Management of security functions behaviour FMTMSA.1a Management of security attributesFMTMSA.2 Secure security attributes FMTMSA.1c Management of security attributesFMTMSA.3a Static attribute initialisation FMTMSA.2.1FMTMSA.3b Static attribute initialisation FMTSMF.1 Specification of Management FunctionsFMTMSA.3c Static attribute initialisation FMTSMR.1 Security rolesFMTSMR.1.2 FPTTST.1 TSF testing FPTAMT.1 Abstract machine testingClass FPT Protection of the TSF FPTRPL.1 Replay detectionFTPTRP.1 Trusted path Class FTP Trusted Path/ChannelsFTPTRP.1.1 FTPTRP.1.2FPTRVM.1 Non-bypassability of the TSP Security Functional Requirements on the IT EnvironmentFPTSEP.1 TSF domain separation FPTSTM.1 Reliable time stampsSecurity Target, Version 3.9March 18 Assurance Requirements Assurance RequirementsAssurance Components TOE Security Functions TOE Summary SpecificationTOE Security Description FunctionSecurity Audit Configuration LogAccounting Logs Security LogEvent Log System LogFips Validated Modules Cryptographic SupportFIPS-Validated Cryptographic Algorithms Validation Modules Fips 140-2 Certificate #User Data Protection Security Management Identification and AuthenticationConditional Self-Tests Power-Up Self-TestsProtection of the TOE Security Functions Trusted Path/Channels TOE Security Assurance MeasuresTOE Security Functional Requirements Satisfied FTPTRP.1 Assurance Assurance Measure ComponentAugmentation to EAL 4+ assurance level Protection Profile Reference Protection Profile ClaimsSecurity Objectives Rationale RationaleRelationship of Security Threats to Objectives TOE Objectives Environmental Objectives Non-ITHack Certificate OE.CERTIFICATE Security Functional Requirements RationaleObjectives Requirements Relationship of Security Requirements to ObjectivesEnv Functions and dataFMTMSA.3a,b,c Able to access such functionalityIntegrity Reject packets based on their attributesRationale for Strength of Function Security Assurance Requirements RationaleDependency Rationale Functional Requirements DependenciesFCSCOP.1 TOE Summary Specification Rationale Development Configuration ManagementSecure Delivery and Operation Tests Guidance DocumentationLife Cycle Support Documents Vulnerability and TOE Strength of Function Analyses Strength of FunctionAcronyms AcronymsAcronym Definition DoDSHA
Top Page Image Contents