Security Target, Version 3.9

March 18, 2008

 

 

Corresponding CC Assurance Components:

Analysis of Coverage

High-Level Design

Functional Testing

Independent Testing

8.6.2.7Vulnerability and TOE Strength of Function Analyses

The Validation of Analysis documentation identifies all possible modes of operation of the TOE, their consequences and implications for maintaining secure operation. The Strength of TOE Security Function Analysis demonstrates the strength of the probabilistic or permutational mechanisms employed to provide security functions within the TOE and how they exceed the minimum SOF requirements. The Vulnerability Analysis documentation describes the analysis of the TOE deliverables performed to search for ways in which a user can violate the TSP, and the disposition of the identified vulnerabilities.

Corresponding CC Assurance Components:

Validation of Analysis

Strength of TOE Security Function Evaluation

Independent Vulnerability Analysis

8.7 Strength of Function

A Strength of Function rating of “SOF-basic” is claimed for this TOE to meet the EAL 4+ assurance requirements. This SOF is sufficient to resist the threats identified in Section 3. Section 4 provides evidence that demonstrates that TOE threats are countered by the TOE security objectives. Section 8 demonstrates that the security objectives for the TOE and the TOE environment are satisfied by the security requirements. The evaluated TOE is intended to operate in commercial and DoD low robustness environments processing unclassified information.

The overall TOE SOF claim is SOF-basic because this SOF is sufficient to resist the threats identified in Section 3.2. Section 8.1 provides evidence that demonstrates that TOE threats are countered by the TOE security objectives. Section 8.2 demonstrates that the security objectives for the TOE and the TOE environment are satisfied by the security requirements.

The relevant security functions and security functional requirements which have probabilistic or permutational functions are FIA_UAU.1, and FIA_UAU.5.

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 65 of 67

© 2008 Nortel Networks

 

Page 65
Image 65
Nortel Networks 7.11, 7.05 manual Vulnerability and TOE Strength of Function Analyses