Security Target, Version 3.9 | March 18, 2008

The TSF is required to perform security management functions such as creating users and assigning roles to users [FMT_SMF.1]. The TOE must be able to recognize the different administrative and user roles that exist for the TOE [FMT_SMR.1].

O.INTEGRITY The TOE must use the IPSec tunneling protocol to ensure integrity of data transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel VPN Routers.

The TSF is required to enforce the information flow control SFP on connections and all operations that cause information to flow to and from subjects covered by the SFP [FDP_IFC.2(a,b)].

The TSF is required to enforce the information flow control SFP based on the types of subject and information security attributes. The TSF is required to permit information flow between a controlled subject and controlled information via a controlled operation if the connection is allowed. The TSF is required to deny an information flow based on the packet sequence number [FDP_IFF.1(a,b)].

The TSF is required to enforce the information flow control SFP in order to send or receive objects in a manner protected from unauthorised disclosure [FDP_UCT.1].

The TSF is required to enforce the information flow control SFP in order to send or receive user data in a manner protected from errors, and to determine whether an error has occurred [FDP_UIT.1].

The TOE is required to use the specified tunneling protocol to better protect the integrity of the data transmitted in between its different parts. The RSA suite of algorithms and the Diffie-Hellman algorithm used by the TOE for cryptographic operations must be implemented according to RFC 3447 for RSA and RFC 2631 for keys by zeroizing them. For encryption and decryption operations, the TOE is required to use the 3DES and AES algorithms and they must be implemented according to FIPS FIPS 197 for AES. For authentication, the TOE is required to use implemented according to RFC 2104. For hashing, the TOE is required to use be implemented according to RFC 3174 [FCS_CKM.1(a), FCS_CKM.4, and FCS_COP.1(a,b,c,d,e,f)].

O.REPLAY The TOE must provide functionality that enables detection of replay attack and take appropriate action if an attack is detected.

The TOE is required to detect replay attacks on established IPSec sessions; if a replay attack is detected, the TOE is required to drop packets from the attacker [FPT_RLT.1].

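The replay requirement above, together with the sequence-number clause of FDP_IFF.1, is commonly met in IPsec by a per-SA sliding window over packet sequence numbers. The following is an added illustration, not code from this Security Target or from Nortel; the 64-packet window, the struct, and the function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

#define REPLAY_WINDOW 64u   /* assumed window size, not from the Security Target */

/* Per-SA anti-replay state (hypothetical layout for this example). */
struct replay_state {
    uint32_t highest;   /* highest sequence number accepted so far */
    uint64_t bitmap;    /* bit i set => sequence (highest - i) already seen */
};

enum verdict { PKT_ACCEPT = 0, PKT_DROP_REPLAY = 1, PKT_DROP_STALE = 2 };

/* Check only: cheap test done before the integrity check. */
enum verdict replay_check(const struct replay_state *st, uint32_t seq)
{
    if (seq == 0) return PKT_DROP_STALE;              /* 0 is never valid on an SA */
    if (seq > st->highest) return PKT_ACCEPT;         /* right of window: new packet */
    uint32_t diff = st->highest - seq;
    if (diff >= REPLAY_WINDOW) return PKT_DROP_STALE; /* left of window: too old to judge */
    return ((st->bitmap >> diff) & 1u) ? PKT_DROP_REPLAY : PKT_ACCEPT;
}

/* Update: must run only after the packet's integrity value has verified,
 * otherwise forged sequence numbers could slide the window forward. */
void replay_update(struct replay_state *st, uint32_t seq)
{
    if (seq > st->highest) {
        uint32_t shift = seq - st->highest;
        st->bitmap = (shift >= REPLAY_WINDOW ? 0 : st->bitmap << shift) | 1u;
        st->highest = seq;
    } else {
        st->bitmap |= (uint64_t)1 << (st->highest - seq);
    }
}

/* Wrapper for packets whose integrity check is assumed to have passed. */
enum verdict replay_process(struct replay_state *st, uint32_t seq)
{
    enum verdict v = replay_check(st, seq);
    if (v == PKT_ACCEPT) replay_update(st, seq);
    return v;
}

int main(void)
{
    struct replay_state sa = {0, 0};
    const uint32_t seqs[] = {1, 2, 5, 3, 3, 2, 100, 36, 37}; /* constructed sample */
    for (size_t i = 0; i < sizeof seqs / sizeof seqs[0]; i++)
        printf("seq=%u verdict=%d\n", (unsigned)seqs[i], (int)replay_process(&sa, seqs[i]));
    return 0;
}
```

Sequence-number wraparound is not handled here; with 32-bit sequence numbers the SA has to be rekeyed before the counter wraps.
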
O.FILTER The TOE must filter all incoming and outgoing packets that pass through it, and accept or reject packets based on their attributes.

All operations between the different parts of the TOE must be scrutinized by the TOE against the VPN information flow control SFP and the Firewall information flow control SFP using specific security attributes. During this task, the TOE is required to make use of its Firewall, NAT, and IPSec tunneling protocol implementations [FDP_IFC.2(a,b), FDP_IFF.1(a,b), FDP_UCT.1, and FDP_UIT.1].

O.TEST The TOE must provide functionality that enables testing of its correct functioning and integrity.

During tests to demonstrate the correct operation of the TSF. The TOE is also required to provide

Nortel VPN Router v7.05 and Client Workstation v7.11 | Page 59 of 67 | © 2008 Nortel Networks