Assurance Requirements, Assurance Components | Nortel Networks 7.11

Security Target, Version 3.9	March 18, 2008

5.3 Assurance Requirements

This section defines the assurance requirements for the TOE. The assurance requirements are taken from Part 3 of the CC and are EAL 4 augmented with ALC_FLR.2. Table 6 below summarizes the components.

Table 6 - Assurance Components

		Assurance Requirements
		Assurance Requirements

	Class ACM:	ACM_AUT.1 Partial CM automation
	Configuration management
	Configuration management	ACM_CAP.4 General support and acceptance procedures
		ACM_CAP.4 General support and acceptance procedures

		ACM_SCP.2 Problem tracking CM coverage

	Class ADO:	ADO_DEL.2 Detection of modification
	Delivery and operation
	Delivery and operation	ADO_IGS.1 Installation, generation, and start-up procedures
		ADO_IGS.1 Installation, generation, and start-up procedures

	Class ADV:	ADV_FSP.2 Fully defined external interfaces
	Development
	Development	ADV_HLD.2 Security-enforcing high-level design
		ADV_HLD.2 Security-enforcing high-level design

		ADV_IMP.1 Subset of the implementation of the TSF

		ADV_LLD.1 Descriptive low-level design

		ADV_RCR.1 Informal correspondence demonstration

		ADV_SPM.1 Informal TOE security policy model

	Class AGD:	AGD_ADM.1 Administrator guidance
	Guidance documents
	Guidance documents	AGD_USR.1 User guidance
		AGD_USR.1 User guidance

	Class ALC:	ALC_DVS.1 Development security
	Life cycle support
	Life cycle support	ALC_FLR.2 Flaw reporting procedures
		ALC_FLR.2 Flaw reporting procedures

		ALC_LCD.1 Developer defined Life cycle model

		ALC_TAT.1 Well-defined development tools

	Class ATE:	ATE_COV.2 Analysis of coverage
	Tests
	Tests	ATE_DPT.1 Testing: high-level design
		ATE_DPT.1 Testing: high-level design

		ATE_FUN.1 Functional testing

		ATE_IND.2 Independent testing – sample

	Class AVA:	AVA_MSU.2 Validation of analysis
	Vulnerability assessment
	Vulnerability assessment	AVA_SOF.1 Strength of TOE security function evaluation
		AVA_SOF.1 Strength of TOE security function evaluation

		AVA_VLA.2 Independent vulnerability analysis

Nortel VPN Router v7.05 and Client Workstation v7.11	Page 41 of 67
© 2008 Nortel Networks

Image 41

Nortel Networks 7.11, 7.05 manual Assurance Requirements, Assurance Components

Contents

Nortel Networks Corsec Security, Inc Version Modification Date Modified By Description of Changes Revision History Table of Contents Table of Tables Table of FiguresProtection Profile Claims Rationale Purpose Security Target IntroductionSecurity Target, TOE and CC Identification and Conformance ST, TOE, and CC Identification and Conformance Conventions Conventions, Acronyms, and TerminologyTerminology Terminology Primary Admin password Product Description TOE DescriptionProduct Type Branch Office Deployment Configuration of the TOE Physical Boundary TOE Boundaries and Scope TOE Environment Logical Boundary Enterprise World User Data Protection Security AuditCryptographic Support Security Management Identification and AuthenticationProtection of the TOE Security Functions Trusted Path/Channels Excluded TOE Functionality Threats to Security TOE Security EnvironmentAssumptions Threats Addressed by the TOE Environment Threats Addressed by the TOE Security Objectives for the TOE Security Objectives IT Security Objectives Security Objectives for the EnvironmentNon-IT Security Objectives OE.TIME TOE Security Functional Requirements IT Security RequirementsTOE Security Functional Requirements ST Operation Description ST Operation FAUGEN.1 Audit Data Generation Class FAU Security AuditFAUSAR.1 Audit review Auditable Events Dependencies FAUGEN.1 Audit data generation FCSCKM.1a Cryptographic key generation Diffie-Hellman Class FCS Cryptographic SupportFCSCKM.1b Cryptographic key generation RSA FCSCKM.4 Cryptographic key destruction FCSCOP.1e Cryptographic operation hashing FCSCOP.1b Cryptographic operation authenticationFCSCOP.1d Cryptographic operation random number generation Security Target, Version March 18 FDPACF.1 Security attribute based access control FDPACC.2 Complete access controlClass FDP User Data Protection FDPIFC.2a Complete information flow control VPN FDPIFF.1a Simple security attributes VPN FDPIFC.2b Complete information flow control Firewall FDPIFF.1b Simple security attributes Firewall FDPUIT.1 Data exchange integrity FDPUCT.1 Basic data exchange confidentialityFDPUCT.1.1 FDPUIT.1.1 FIAUAU.1 Timing of authentication Class FIA Identification and AuthenticationFIAUAU.5 Multiple authentication mechanisms FIAUID.2 User identification before any action Dependencies No dependencies FMTMOF.1a Management of security functions behaviour Class FMT Security ManagementFMTMOF.1b Management of security functions behaviour FMTMSA.1a Management of security attributes FMTMSA.2 Secure security attributes FMTMSA.1c Management of security attributesFMTMSA.3a Static attribute initialisation FMTMSA.2.1 FMTMSA.3b Static attribute initialisation FMTSMF.1 Specification of Management FunctionsFMTMSA.3c Static attribute initialisation FMTSMR.1 Security roles FMTSMR.1.2 FPTTST.1 TSF testing FPTAMT.1 Abstract machine testingClass FPT Protection of the TSF FPTRPL.1 Replay detection FTPTRP.1 Trusted path Class FTP Trusted Path/ChannelsFTPTRP.1.1 FTPTRP.1.2 FPTRVM.1 Non-bypassability of the TSP Security Functional Requirements on the IT EnvironmentFPTSEP.1 TSF domain separation FPTSTM.1 Reliable time stamps Security Target, Version 3.9March 18 Assurance Requirements Assurance RequirementsAssurance Components TOE Security Functions TOE Summary SpecificationTOE Security Description Function Security Audit Configuration LogAccounting Logs Security Log Event Log System Log Fips Validated Modules Cryptographic SupportFIPS-Validated Cryptographic Algorithms Validation Modules Fips 140-2 Certificate # User Data Protection Security Management Identification and Authentication Conditional Self-Tests Power-Up Self-TestsProtection of the TOE Security Functions Trusted Path/Channels TOE Security Assurance MeasuresTOE Security Functional Requirements Satisfied FTPTRP.1 Assurance Assurance Measure Component Augmentation to EAL 4+ assurance level Protection Profile Reference Protection Profile Claims Security Objectives Rationale RationaleRelationship of Security Threats to Objectives TOE Objectives Environmental Objectives Non-IT Hack Certificate OE.CERTIFICATE Security Functional Requirements Rationale Objectives Requirements Relationship of Security Requirements to Objectives Env Functions and data FMTMSA.3a,b,c Able to access such functionality Integrity Reject packets based on their attributes Rationale for Strength of Function Security Assurance Requirements RationaleDependency Rationale Functional Requirements Dependencies FCSCOP.1 TOE Summary Specification Rationale Development Configuration ManagementSecure Delivery and Operation Tests Guidance DocumentationLife Cycle Support Documents Vulnerability and TOE Strength of Function Analyses Strength of Function Acronyms AcronymsAcronym Definition DoD SHA