Security Target, Version 3.9

March 18, 2008

 

 

5.1.5 Class FMT: Security Management

FMT_MOF.1(a) Management of security functions behaviour

Hierarchical to: No other components.

FMT_MOF.1.1(a)

The TSF shall restrict the ability to [modify the behaviour of] the functions [creation and rights assignment of Restricted Admins] to [Primary Admin].

Dependencies: FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MOF.1(b) Management of security functions behaviour

Hierarchical to: No other components.

FMT_MOF.1.1(b)

The TSF shall restrict the ability to [determine the behaviour of] the functions [all administrator functions allowed by Primary Admin] to [Restricted Admins].

Dependencies: FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MSA.1(a) Management of security attributes

Hierarchical to: No other components.

FMT_MSA.1.1(a)

The TSF shall enforce the [Access Control SFP] to restrict the ability to [modify] the security attributes [which includes all internal attributes available to the administrators] to [Primary Admin, Restricted Admins].

Dependencies: [FDP_ACC.1 Subset access control or

FDP_IFC.1 Subset information flow control]

FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MSA.1(b) Management of security attributes

Hierarchical to: No other components.

FMT_MSA.1.1(b)

The TSF shall enforce the [Firewall Information Control SFP] to restrict the ability to [modify] the security attributes [which includes all internal attributes available to the administrators] to [Primary Admin, Restricted Admins].

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 33 of 67

© 2008 Nortel Networks

 

Page 33
Image 33
Nortel Networks 7.11, 7.05 manual Class FMT Security Management, FMTMOF.1a Management of security functions behaviour