Dependencies No dependencies | Nortel Networks 7.05, 7.11 specification

Security Target, Version 3.9	March 18, 2008

The TSF shall require each user to identify itself before allowing any other4 TSF-mediated actions on behalf of that user.

Dependencies: No dependencies

4“Other” in this SFR means any action not included in the assignment in FIA_UAU.1.1.

Nortel VPN Router v7.05 and Client Workstation v7.11	Page 32 of 67
© 2008 Nortel Networks

Page 32

Image 32

Nortel Networks 7.05, 7.11 manual Dependencies No dependencies

Contents

Nortel Networks Corsec Security, Inc Revision History Version Modification Date Modified By Description of Changes Table of Contents Table of Figures Table of TablesProtection Profile Claims Rationale Security Target Introduction PurposeSecurity Target, TOE and CC Identification and Conformance ST, TOE, and CC Identification and Conformance Conventions, Acronyms, and Terminology ConventionsTerminology Terminology Primary Admin password Product Description TOE DescriptionProduct Type Branch Office Deployment Configuration of the TOE TOE Boundaries and Scope Physical Boundary Logical Boundary TOE Environment World Enterprise User Data Protection Security AuditCryptographic Support Identification and Authentication Security ManagementProtection of the TOE Security Functions Trusted Path/Channels Excluded TOE Functionality Threats to Security TOE Security EnvironmentAssumptions Threats Addressed by the TOE Threats Addressed by the TOE Environment Security Objectives Security Objectives for the TOE Security Objectives for the Environment IT Security ObjectivesNon-IT Security Objectives OE.TIME IT Security Requirements TOE Security Functional RequirementsTOE Security Functional Requirements ST Operation Description ST Operation Class FAU Security Audit FAUGEN.1 Audit Data GenerationFAUSAR.1 Audit review Auditable Events Dependencies FAUGEN.1 Audit data generation Class FCS Cryptographic Support FCSCKM.1a Cryptographic key generation Diffie-HellmanFCSCKM.1b Cryptographic key generation RSA FCSCKM.4 Cryptographic key destruction FCSCOP.1e Cryptographic operation hashing FCSCOP.1b Cryptographic operation authenticationFCSCOP.1d Cryptographic operation random number generation Security Target, Version March 18 FDPACC.2 Complete access control FDPACF.1 Security attribute based access controlClass FDP User Data Protection FDPIFC.2a Complete information flow control VPN FDPIFC.2b Complete information flow control Firewall FDPIFF.1a Simple security attributes VPN FDPIFF.1b Simple security attributes Firewall FDPUCT.1 Basic data exchange confidentiality FDPUIT.1 Data exchange integrityFDPUCT.1.1 FDPUIT.1.1 Class FIA Identification and Authentication FIAUAU.1 Timing of authenticationFIAUAU.5 Multiple authentication mechanisms FIAUID.2 User identification before any action Dependencies No dependencies Class FMT Security Management FMTMOF.1a Management of security functions behaviourFMTMOF.1b Management of security functions behaviour FMTMSA.1a Management of security attributes FMTMSA.1c Management of security attributes FMTMSA.2 Secure security attributesFMTMSA.3a Static attribute initialisation FMTMSA.2.1 FMTSMF.1 Specification of Management Functions FMTMSA.3b Static attribute initialisationFMTMSA.3c Static attribute initialisation FMTSMR.1 Security roles FMTSMR.1.2 FPTAMT.1 Abstract machine testing FPTTST.1 TSF testingClass FPT Protection of the TSF FPTRPL.1 Replay detection Class FTP Trusted Path/Channels FTPTRP.1 Trusted pathFTPTRP.1.1 FTPTRP.1.2 Security Functional Requirements on the IT Environment FPTRVM.1 Non-bypassability of the TSPFPTSEP.1 TSF domain separation FPTSTM.1 Reliable time stamps Security Target, Version 3.9March 18 Assurance Requirements Assurance RequirementsAssurance Components TOE Summary Specification TOE Security FunctionsTOE Security Description Function Configuration Log Security AuditAccounting Logs Security Log System Log Event Log Cryptographic Support Fips Validated ModulesFIPS-Validated Cryptographic Algorithms Validation Modules Fips 140-2 Certificate # User Data Protection Identification and Authentication Security Management Conditional Self-Tests Power-Up Self-TestsProtection of the TOE Security Functions TOE Security Assurance Measures Trusted Path/ChannelsTOE Security Functional Requirements Satisfied FTPTRP.1 Assurance Assurance Measure Component Augmentation to EAL 4+ assurance level Protection Profile Claims Protection Profile Reference Rationale Security Objectives RationaleRelationship of Security Threats to Objectives TOE Objectives Environmental Objectives Non-IT Hack Certificate Security Functional Requirements Rationale OE.CERTIFICATE Relationship of Security Requirements to Objectives Objectives Requirements Functions and data Env Able to access such functionality FMTMSA.3a,b,c Reject packets based on their attributes Integrity Security Assurance Requirements Rationale Rationale for Strength of FunctionDependency Rationale Functional Requirements Dependencies FCSCOP.1 TOE Summary Specification Rationale Development Configuration ManagementSecure Delivery and Operation Tests Guidance DocumentationLife Cycle Support Documents Strength of Function Vulnerability and TOE Strength of Function Analyses Acronyms AcronymsAcronym Definition DoD SHA