Chapter4
SECURITYOBJECTIVES
ThischapterdescribesthesecurityobjectivesfortheTOEandtheTOE’soperating
environment.ThesecurityobjectivesaredividedbetweenTOESecurityObjectives
(i.e.,securityobjectivesaddresseddirectlybytheTOE)andSecurityObjectivesfor
theOperatingEnvironment(i.e.,securityobjectivesaddressedbytheITdomainorby
non-technicalorproceduralmeans).
TableofContents
SECURITYOBJECTIVESFORTHETOE..................................................................4-1
SECURITYOBJECTIVESFORTHEENVIRONMENT...............................................4-2
4.1SECURITYOBJECTIVESFORTHETOE
Table4-1SecurityObjective
OBJECTIVESDESCRIPTION
O.AUDIT_REVIEWTheTOEwillprovidetheprivilegedadministratorsandauthentication
administratorsthecapabilitytoreviewAuditdataandwillrestrictaudit
reviewtoadministratorswhohavebeengrantedexplicitread-access.
TheTOEwillgenerateauditrecordswhichwillincludethetimethat
theeventoccurredandtheidentityoftheadministratorperforming
theevent.
O.MANAGETheTOEmustprovideservicesthatalloweffectivemanagementof
itsfunctionsanddataandrestrictaccesstotheTOEManagement
functionstotheprivilegedadministratorsandauthentication
administrators.
O.IDAUTHTheTOEmustuniquelyidentifyandauthenticatetheclaimedidentity
ofalladministrativeusersbeforegrantingmanagementaccess.
O.MEDIATETheTOEshallcontroltheowofinformationamong
itsnetworkconnectionsaccordingtoroutingrulesand
BGPv4/OSPFv2/IS-IS/RIPv2routingprotocolswhichpreventthe
communicationwithtrustedroutersfrommodication,insertionand
replayerrors.
O.TOE_ACCESSTheTOEwillprovidemechanismsthatcontrolanadministrator’s
logicalaccesstotheTOEandtodenyaccesstounattachedsessionto
conguretheTOE.
O.ROUTETheTOEshallbeabletoacceptroutingdatafromtrustedrouters
accordingtoBGPv4/OSPFv2/IS-IS/RIPv2.
4-1
SJ-20110815105844-030|2011/08/19(R1.6)ZTECORPORATION
To Next Page
Loading...
Need help?
General
