Security Target, Version 3.9 | March 18, 2008 |
|
|
5.3 Assurance Requirements
This section defines the assurance requirements for the TOE. The assurance requirements are taken from Part 3 of the CC and are EAL 4 augmented with ALC_FLR.2. Table 6 below summarizes the components.
Table 6 - Assurance Components
|
| Assurance Requirements |
|
| |
|
|
|
| Class ACM: | ACM_AUT.1 Partial CM automation |
| Configuration management |
|
| ACM_CAP.4 General support and acceptance procedures | |
|
| |
|
|
|
|
| ACM_SCP.2 Problem tracking CM coverage |
|
|
|
| Class ADO: | ADO_DEL.2 Detection of modification |
| Delivery and operation |
|
| ADO_IGS.1 Installation, generation, and | |
|
| |
|
|
|
| Class ADV: | ADV_FSP.2 Fully defined external interfaces |
| Development |
|
| ADV_HLD.2 | |
|
| |
|
|
|
|
| ADV_IMP.1 Subset of the implementation of the TSF |
|
|
|
|
| ADV_LLD.1 Descriptive |
|
|
|
|
| ADV_RCR.1 Informal correspondence demonstration |
|
|
|
|
| ADV_SPM.1 Informal TOE security policy model |
|
|
|
| Class AGD: | AGD_ADM.1 Administrator guidance |
| Guidance documents |
|
| AGD_USR.1 User guidance | |
|
| |
|
|
|
| Class ALC: | ALC_DVS.1 Development security |
| Life cycle support |
|
| ALC_FLR.2 Flaw reporting procedures | |
|
| |
|
|
|
|
| ALC_LCD.1 Developer defined Life cycle model |
|
|
|
|
| ALC_TAT.1 |
|
|
|
| Class ATE: | ATE_COV.2 Analysis of coverage |
| Tests |
|
| ATE_DPT.1 Testing: | |
|
| |
|
|
|
|
| ATE_FUN.1 Functional testing |
|
|
|
|
| ATE_IND.2 Independent testing – sample |
|
|
|
| Class AVA: | AVA_MSU.2 Validation of analysis |
| Vulnerability assessment |
|
| AVA_SOF.1 Strength of TOE security function evaluation | |
|
| |
|
|
|
|
| AVA_VLA.2 Independent vulnerability analysis |
|
|
|
Nortel VPN Router v7.05 and Client Workstation v7.11 | Page 41 of 67 |
© 2008 Nortel Networks |
|