Security Target, Version 3.9 | March 18, 2008 |
|
|
for reuse. This ensures that the keys are completely destroyed before any other process might have access to that memory location.
TOE Security Functional Requirements Satisfied: FCS_CKM.1(a), FCS_CKM.1(b), FCS_CKM.4, FCS_COP.1(a), FCS_COP.1(b)., FCS_COP.1(d), FCS_COP.1(e)
6.1.3 User Data Protection
The TOE enforces access controls on each administrator and user of the TOE based on the privileges held by that user.
Access Control SFP: The TOE enforces the Access Control SFP on administrators by assigning privileges to administrators. The TOE configuration parameters can only be modified by those administrative users granted permission to do so by the Primary Admin. Administrators (specifically Restricted Admins) have a restricted level of access based on the permissions granted to them by the Primary Admin. Details of these privilege levels can be found in Section 2.3.2.5. All administrators must be authenticated before access is granted. The Primary Admin has access to all administrative functions after successfully being identified and authenticated to the TOE.
VPN Information Flow Control SFP: The TOE enforces the VPN Information Flow Control SFP by allowing connections only from VPN Clients who authenticate to the remote Nortel VPN Router (via the Nortel VPN Client) with either a username/password combination or via a digital certificate. The VPN Information Flow Control SFP is also enforced based on user identity and authentication credentials. The VPN Information Flow Control SFP enforces session tunnel filtering based on a packets protocol ID, direction, source and destination IP addresses, source and destination ports, and service.
The TSF enforces the VPN Information Flow Control SFP on user data in order to protect sent or received data from modification, deletion, insertion, or replay. Thus, the TSF can determine if the data has been modified, deleted, inserted, or replayed via the VPN Information Flow Control SFP.
The connection attributes configured in the Nortel VPN Router enable the remote user to create a tunnel into the Nortel VPN Router. The actual connection to the Nortel VPN Router is a tunnel that is started from the remote user’s PC, through the public network, and ends at the Nortel VPN Router on the private network. The Nortel VPN Router associates all remote users with a group which dictates the attributes (and privileges) that are assigned to a remote user session.
The VPN Information Flow Control SFP enforces the IPSec protocol for establishing a VPN. The VPN session that is established by remote users creates a trusted communications path between the remote user and the TOE. This communications path is logically distinct from other paths due to the cryptography that is used to encrypt the trusted session.
The TOE supports
Firewall Information Flow Control SFP: The TOE enforces the Firewall Information Flow Control SFP by allowing connections only from hosts on either side of a Nortel VPN Router. The Firewall Information Flow Control SFP is also enforced on packets based on their source and destination interface, source and destination IP addresses, source and destination ports, direction, and service.
The TOE’s Firewall examines both incoming and outgoing packets and compares them to a security policy. If the packet sequence numbers indicate a repeated packet, the TOE drops the packets as an identified replay attack.
Nortel VPN Router v7.05 and Client Workstation v7.11 | Page 46 of 67 |
© 2008 Nortel Networks |
|