Security Target, Version 3.9

March 18, 2008

 

 

Dependencies: [FDP_ACC.1 Subset access control or

FDP_IFC.1 Subset information flow control]

FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MSA.1(c) Management of security attributes

Hierarchical to: No other components.

FMT_MSA.1.1(c)

The TSF shall enforce the [VPN Information Control SFP] to restrict the ability to [modify] the security attributes [which includes all internal attributes available to the administrators] to [Primary Admin, Restricted Admins].

Dependencies: [FDP_ACC.1 Subset access control or

FDP_IFC.1 Subset information flow control]

FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MSA.2 Secure security attributes

Hierarchical to: No other components.

FMT_MSA.2.1

The TSF shall ensure that only secure values are accepted for security attributes.

Dependencies: ADV_SPM.1 Informal TOE security policy model [FDP_ACC.1 Subset access control or FDP_IFC.1 Subset information flow control] FMT_MSA.1 Management of security attributes FMT_SMR.1 Security roles

FMT_MSA.3(a) Static attribute initialisation

Hierarchical to: No other components.

FMT_MSA.3.1(a)

The TSF shall enforce the [Access Control SFP] to provide [restrictive] default values for security attributes that are used to enforce the SFP.

FMT_MSA.3.2(a)

The TSF shall allow the [Primary Admin] to specify alternative initial values to override the default values when an object or information is created.

Dependencies: FMT_MSA.1 Management of security attributes

FMT_SMR.1 Security roles

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 34 of 67

© 2008 Nortel Networks

 

Page 34
Image 34
Nortel Networks 7.05, 7.11 FMTMSA.1c Management of security attributes, FMTMSA.2 Secure security attributes, FMTMSA.2.1