FPTRVM.1 Non-bypassability of the TSP | Nortel Networks 7.11, 7.05

Security Target, Version 3.9	March 18, 2008

5.2 Security Functional Requirements on the IT Environment

The TOE has the following security requirement for its IT environment. Table 5 identifies all SFRs implemented by the IT Environment and indicates the ST operations performed on each requirement.

Table 5 - IT Environment Security Functional Requirements

		ST Operation
SFR ID	Description	Selection	Assignment	Refinement	Iteration
SFR ID	Description
FPT_RVM.1	Non-bypassability of the TSP			
FPT_RVM.1	Non-bypassability of the TSP
FPT_SEP.1	TSF domain separation			
FPT_SEP.1	TSF domain separation
FPT_STM.1	Reliable time stamps			
FPT_STM.1	Reliable time stamps

FPT_RVM.1 Non-bypassability of the TSP

Hierarchical to: No other components.

FPT_RVM.1.1

The TSF IT Environment shall ensure that TSP enforcement functions are invoked and succeed before each function within the TSC is allowed to proceed.

Dependencies: No dependencies

FPT_SEP.1 TSF domain separation

Hierarchical to: No other components.

FPT_SEP.1.1

The TSF IT Environment shall maintain a security domain for its own the TOE’s execution that protects it the TOE from interference and tampering by untrusted subjects.

FPT_SEP.1.2

The TSF shall enforce separation between the security domains of subjects in the TSC.

Dependencies: No dependencies

FPT_STM.1 Reliable time stamps

Hierarchical to: No other components.

FPT_STM.1.1

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 39 of 67

© 2008 Nortel Networks

Image 39

Nortel Networks 7.11, 7.05 Security Functional Requirements on the IT Environment, FPTRVM.1 Non-bypassability of the TSP

Contents

Nortel Networks Corsec Security, Inc Version Modification Date Modified By Description of Changes Revision History Table of Contents Rationale Table of FiguresTable of Tables Protection Profile Claims ST, TOE, and CC Identification and Conformance Security Target IntroductionPurpose Security Target, TOE and CC Identification and Conformance Terminology Conventions, Acronyms, and TerminologyConventions Terminology Primary Admin password TOE Description Product TypeProduct Description Branch Office Deployment Configuration of the TOE Physical Boundary TOE Boundaries and Scope TOE Environment Logical Boundary Enterprise World Security Audit Cryptographic SupportUser Data Protection Trusted Path/Channels Identification and AuthenticationSecurity Management Protection of the TOE Security Functions Excluded TOE Functionality TOE Security Environment AssumptionsThreats to Security Threats Addressed by the TOE Environment Threats Addressed by the TOE Security Objectives for the TOE Security Objectives OE.TIME Security Objectives for the EnvironmentIT Security Objectives Non-IT Security Objectives ST Operation IT Security RequirementsTOE Security Functional Requirements TOE Security Functional Requirements Description ST Operation Auditable Events Class FAU Security AuditFAUGEN.1 Audit Data Generation FAUSAR.1 Audit review Dependencies FAUGEN.1 Audit data generation FCSCKM.4 Cryptographic key destruction Class FCS Cryptographic SupportFCSCKM.1a Cryptographic key generation Diffie-Hellman FCSCKM.1b Cryptographic key generation RSA FCSCOP.1b Cryptographic operation authentication FCSCOP.1d Cryptographic operation random number generationFCSCOP.1e Cryptographic operation hashing Security Target, Version March 18 FDPIFC.2a Complete information flow control VPN FDPACC.2 Complete access controlFDPACF.1 Security attribute based access control Class FDP User Data Protection FDPIFF.1a Simple security attributes VPN FDPIFC.2b Complete information flow control Firewall FDPIFF.1b Simple security attributes Firewall FDPUIT.1.1 FDPUCT.1 Basic data exchange confidentialityFDPUIT.1 Data exchange integrity FDPUCT.1.1 FIAUID.2 User identification before any action Class FIA Identification and AuthenticationFIAUAU.1 Timing of authentication FIAUAU.5 Multiple authentication mechanisms Dependencies No dependencies FMTMSA.1a Management of security attributes Class FMT Security ManagementFMTMOF.1a Management of security functions behaviour FMTMOF.1b Management of security functions behaviour FMTMSA.2.1 FMTMSA.1c Management of security attributesFMTMSA.2 Secure security attributes FMTMSA.3a Static attribute initialisation FMTSMR.1 Security roles FMTSMF.1 Specification of Management FunctionsFMTMSA.3b Static attribute initialisation FMTMSA.3c Static attribute initialisation FMTSMR.1.2 FPTRPL.1 Replay detection FPTAMT.1 Abstract machine testingFPTTST.1 TSF testing Class FPT Protection of the TSF FTPTRP.1.2 Class FTP Trusted Path/ChannelsFTPTRP.1 Trusted path FTPTRP.1.1 FPTSTM.1 Reliable time stamps Security Functional Requirements on the IT EnvironmentFPTRVM.1 Non-bypassability of the TSP FPTSEP.1 TSF domain separation Security Target, Version 3.9March 18 Assurance Requirements Assurance ComponentsAssurance Requirements Description Function TOE Summary SpecificationTOE Security Functions TOE Security Security Log Configuration LogSecurity Audit Accounting Logs Event Log System Log Validation Modules Fips 140-2 Certificate # Cryptographic SupportFips Validated Modules FIPS-Validated Cryptographic Algorithms User Data Protection Security Management Identification and Authentication Power-Up Self-Tests Protection of the TOE Security FunctionsConditional Self-Tests Assurance Assurance Measure Component TOE Security Assurance MeasuresTrusted Path/Channels TOE Security Functional Requirements Satisfied FTPTRP.1 Augmentation to EAL 4+ assurance level Protection Profile Reference Protection Profile Claims TOE Objectives Environmental Objectives Non-IT RationaleSecurity Objectives Rationale Relationship of Security Threats to Objectives Hack Certificate OE.CERTIFICATE Security Functional Requirements Rationale Objectives Requirements Relationship of Security Requirements to Objectives Env Functions and data FMTMSA.3a,b,c Able to access such functionality Integrity Reject packets based on their attributes Functional Requirements Dependencies Security Assurance Requirements RationaleRationale for Strength of Function Dependency Rationale FCSCOP.1 TOE Summary Specification Rationale Configuration Management Secure Delivery and OperationDevelopment Guidance Documentation Life Cycle Support DocumentsTests Vulnerability and TOE Strength of Function Analyses Strength of Function DoD AcronymsAcronyms Acronym Definition SHA