Nortel Networks 7.05, 7.11 manual Security Assurance Requirements Rationale, Dependency Rationale

Security Target, Version 3.9March 18, 2008

The IT Environment must ensure that the TOE receives reliable time information for time stamps from the Environment [FPT_RVM.1], and only receives it from an authorized and reliable source [FPT_STM.1].

8.3 Security Assurance Requirements Rationale

EAL 4+ was chosen to provide a basic level of independently assured security and thorough investigation of the TOE and its development. As such, minimal additional tasks are placed upon the vendor assuming the vendor follows reasonable software engineering practices and can provide support to the evaluation for design and testing efforts. The chosen assurance level is appropriate with the threats defined for the environment. While the TOE may operate in a hostile environment, it is expected to be protected by other products and processes designed to address threats that correspond with the intended environment. At EAL 4+, the TOE will have incurred an independent vulnerability analysis to support its introduction into the hostile environment.

The augmentation of ALC_FLR.2 was chosen to give greater assurance of the developer’s on-going flaw remediation processes.

8.4 Rationale for Strength of Function

The TOE minimum strength of function is SOF-basic. The evaluated TOE is intended to operate in commercial and DoD low robustness environments processing unclassified information. This security function is consistent with the security objectives described in Section 4.

8.5 Dependency Rationale

This ST satisfies all the requirement dependencies of the CC. Table 13 lists each requirement to which the TOE claims conformance with a dependency and indicates whether the dependent requirement was included. As indicated by the table, all dependencies have been met.

Table 13 - Functional Requirements Dependencies