Security Target, Version 3.9 | March 18, 2008 |
|
|
8.6.2TOE Summary Specification Rationale for the Security Assurance Requirements
8.6.2.1Configuration Management
The Configuration Management documentation provides a description of tools used to control the configuration items and how they are used by Nortel. The documentation provides a complete configuration item list and a unique reference for each item. Additionally, the configuration management system is described including procedures that are used by developers to control and track changes that are made to the TOE. The documentation further details the TOE configuration items that are controlled by the configuration management system.
Corresponding CC Assurance Components:
Configuration Items
8.6.2.2Secure Delivery and Operation
The Delivery and Operation documentation provides a description of the secure delivery procedures implemented by Nortel to protect against TOE modification during product delivery. The Installation Documentation provided by Nortel details the procedures for installing the TOE and placing the TOE in a secure state offering the same protection properties as the master copy of the TOE. The Installation Documentation provides guidance to the administrator on the TOE configuration parameters and how they affect the TSF.
Corresponding CC Assurance Components:
Delivery Procedures
Installation, Generation, and
8.6.2.3Development
The Nortel design documentation consists of several related design documents that address the components of the TOE at different levels of abstraction. The following design documents address the Development Assurance Requirements:
The Functional Specification provides a description of the security functions provided by the TOE and a description of the external interfaces to the TSF. The Functional Specification covers the purpose and method of use and a list of effects, exceptions, and errors message for each external TSF interface.
The
The
The Implementation Representation unambiguously defines the TSF to a level of detail such that the TSF can be generated without further design decisions. It also describes the relationships between all portions of the implementation.
The Security Policy Model provides an informal TSP model and it demonstrates correspondence between the functional specification and the TSP model by showing that all of the security functions in the functional specification are consistent and complete with respect to the TSP model. The TSP model describes the rules and characteristics of all policies of the TSP that can be modeled. The model should include a rationale that demonstrates that it is consistent and complete with respect to all policies of the TSP that can be modeled.
The Correspondence Analysis demonstrates the correspondence between each of the TSF representations provided. This mapping is performed to show the functions traced from the ST description to the High- Level Design.
Nortel VPN Router v7.05 and Client Workstation v7.11 | Page 63 of 67 |
© 2008 Nortel Networks |
|