Manuals / Nortel Networks / Computer Equipment / Network Router

Nortel Networks 7.11 Class FMT Security Management, FMTMSA.1a Management of security attributes

Models: 7.11 7.05

1 67

Download 67 pages 33.01 Kb

Page 33

Security Target, Version 3.9	March 18, 2008

5.1.5 Class FMT: Security Management

FMT_MOF.1(a) Management of security functions behaviour

Hierarchical to: No other components.

FMT_MOF.1.1(a)

The TSF shall restrict the ability to [modify the behaviour of] the functions [creation and rights assignment of Restricted Admins] to [Primary Admin].

Dependencies: FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MOF.1(b) Management of security functions behaviour

Hierarchical to: No other components.

FMT_MOF.1.1(b)

The TSF shall restrict the ability to [determine the behaviour of] the functions [all administrator functions allowed by Primary Admin] to [Restricted Admins].

Dependencies: FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MSA.1(a) Management of security attributes

Hierarchical to: No other components.

FMT_MSA.1.1(a)

The TSF shall enforce the [Access Control SFP] to restrict the ability to [modify] the security attributes [which includes all internal attributes available to the administrators] to [Primary Admin, Restricted Admins].

Dependencies: [FDP_ACC.1 Subset access control or

FDP_IFC.1 Subset information flow control]

FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MSA.1(b) Management of security attributes

Hierarchical to: No other components.

FMT_MSA.1.1(b)

The TSF shall enforce the [Firewall Information Control SFP] to restrict the ability to [modify] the security attributes [which includes all internal attributes available to the administrators] to [Primary Admin, Restricted Admins].

Nortel VPN Router v7.05 and Client Workstation v7.11	Page 33 of 67
© 2008 Nortel Networks

Image 33

Nortel Networks 7.11, 7.05 manual Class FMT Security Management, FMTMOF.1a Management of security functions behaviour

Contents

Prepared for Evaluation Assurance Level EAL 4+ Document VersionPrepared by Nortel NetworksVersion Revision HistoryModification Date Modified ByTABLE OF CONTENTS Table of ContentsTOE SUMMARY SPECIFICATION REVISION HISTORYTable of Tables Table of FiguresPROTECTION PROFILE CLAIMS RATIONALE1.1 Purpose 1 Security Target Introduction1.2 Security Target, TOE and CC Identification and Conformance Table 1 - ST, TOE, and CC Identification and Conformance1.3.1 Conventions 1.3 Conventions, Acronyms, and Terminology1.3.2 Terminology Table 2 - TerminologyPrimary Admin password View Nortel VPN Router rightsPage 7 of 2 TOE Description Figure 1 - VPN Client Deployment Configuration of the TOE2.1 Product Type 2.2 Product DescriptionFigure 2 - Branch Office Deployment Configuration of the TOE 2.3 TOE Boundaries and Scope Figure 4 - Physical TOE Boundary in Branch Office Tunnel Mode2.3.1 Physical Boundary Figure 3 - Physical TOE Boundary2.3.1.1 TOE Environment 2.3.2 Logical BoundaryFigure 6 - TOE Logical Boundary in Branch Office Tunnel Mode Nortel VPN Switch Software VxWorks OS Contivity Hardware ApplianceThe World Software2.3.2.1 Security Audit 2.3.2.2 Cryptographic Support2.3.2.3 User Data Protection 2.3.2.5 Security Management 2.3.2.4 Identification and Authentication2.3.2.6 Protection of the TOE Security Functions 2.3.2.7 Trusted Path/Channels2.3.3 Excluded TOE Functionality 3 TOE Security Environment 3.1 Assumptions3.2 Threats to Security 3.2.2 Threats Addressed by the TOE Environment 3.2.1 Threats Addressed by the TOET.HACK TE.PHYSICAL4.1 Security Objectives for the TOE 4 Security Objectives4.2 Security Objectives for the Environment 4.2.1 IT Security Objectives4.2.2 Non-IT Security Objectives 5 IT Security Requirements 5.1 TOE Security Functional RequirementsTable 3 - TOE Security Functional Requirements Page 21 of FAUGEN.1 Audit Data Generation 5.1.1 Class FAU Security AuditFAUSAR.1 Audit review Table 4 - Auditable EventsPage 23 of Dependencies FAUGEN.1 Audit data generationFCSCKM.1a 5.1.2 Class FCS Cryptographic SupportCryptographic key generation Diffie-Hellman FCSCKM.1bFCSCOP.1b Cryptographic operation authenticationFCSCOP.1d Cryptographic operation random number generationFCSCKM.1 Cryptographic key generation FDPITC.2 Import of user data with security attributes, orFCSCKM.4 Cryptographic key destruction FMTMSA.2 Secure security attributesFDPACF.1 Security attribute based access control FDPACC.2 Complete access control5.1.3 Class FDP User Data Protection FDPIFC.2a Complete information flow control VPNFDPIFF.1a Simple security attributes VPN FDPIFC.2b Complete information flow control FirewallFDPIFF.1b Simple security attributes Firewall FDPUCT.1 Basic data exchange confidentiality FDPUIT.1 Data exchange integrityPage 30 of FIAUAU.1 Timing of authentication 5.1.4 Class FIA Identification and AuthenticationFIAUAU.5 Multiple authentication mechanisms FIAUID.2 User identification before any actionPage 32 of FMTMOF.1a Management of security functions behaviour 5.1.5 Class FMT Security ManagementFMTMOF.1b Management of security functions behaviour FMTMSA.1a Management of security attributesFMTMSA.2 Secure security attributes FMTMSA.1c Management of security attributesFMTMSA.3a Static attribute initialisation Page 34 ofFMTMSA.3b Static attribute initialisation FMTSMF.1 Specification of Management FunctionsFMTMSA.3c Static attribute initialisation FMTSMR.1 Security rolesPage 36 of The TSF shall be able to associate users with rolesFPTTST.1 TSF testing FPTAMT.1 Abstract machine testing5.1.6 Class FPT Protection of the TSF FPTRPL.1 Replay detectionFTPTRP.1 Trusted path 5.1.7 Class FTP Trusted Path/ChannelsFPTRVM.1 Non-bypassability of the TSP 5.2 Security Functional Requirements on the IT EnvironmentFPTSEP.1 TSF domain separation FPTSTM.1 Reliable time stampsPage 40 of Table 6 - Assurance Components 5.3 Assurance Requirements6.1 TOE Security Functions 6 TOE Summary SpecificationConfiguration Log 6.1.1 Security AuditAccounting Logs Security LogSystem Log Event LogTOE Security Functional Requirements Satisfied FAUGEN.1, FAUSAR.1 6.1.2 Cryptographic Support Table 8 - FIPS Validated ModulesTable 9 - FIPS-Validated Cryptographic Algorithms Page 46 of 6.1.3 User Data Protection6.1.5 Security Management 6.1.4 Identification and Authentication6.1.6.1 Power-Up Self-Tests 6.1.6 Protection of the TOE Security Functions6.1.6.2 Conditional Self-Tests 6.1.7 Trusted Path/Channels 6.2 TOE Security Assurance MeasuresPage 50 of 8 Augmentation to EAL 4+ assurance level7.1 Protection Profile Reference 7 Protection Profile Claims8 Rationale 8.1 Security Objectives RationaleTable 11 - Relationship of Security Threats to Objectives T.HACK Nortel VPN Router v7.05 and Client Workstation 2008 Nortel NetworksPage 54 of Page 55 of 8.2 Security Functional Requirements RationaleTable 12 - Relationship of Security Requirements to Objectives ObjectivesRequirements  The Primary Admin access to all the administrative functions that are used to enforce the SFP FMTMSA.3a,b,c O.REPLAY 8.4 Rationale for Strength of Function 8.3 Security Assurance Requirements Rationale8.5 Dependency Rationale Table 13 - Functional Requirements DependenciesMet by hierarchical SFR FDPIFC.2 9 Met by hierarchical SFR FDPACC.2Met by hierarchical SFR FIAUID.2 SFR ID8.6 TOE Summary Specification Rationale FCSCOP.1FDPUCT.1 8.6.2.1 Configuration Management 8.6.2.2 Secure Delivery and Operation8.6.2.3 Development 8.6.2.5 Life Cycle Support Documents 8.6.2.4 Guidance Documentation8.6.2.6 Tests Page 64 of8.6.2.7 Vulnerability and TOE Strength of Function Analyses 8.7 Strength of FunctionTable 15 - Acronyms 9 AcronymsPage 67 of