Specifications

Security Target Version 1.0 9/29/2014
4. Security Objectives
Like the Security Problem Definition, the Security Objectives have been drawn from the Protection Profile for
Wireless Local Area Network (WLAN) Access Systems, version 1.0, 01 December 2011 (WLASPP). The WLASPP
offers additional information about the identified security objectives; that material is not reproduced here, and the
WLASPP should be consulted by readers who are interested in it.
In general, the WLASPP presents Security Objectives appropriate for network infrastructure devices, and as
such they are applicable to the Mobility Controller and Access Point Series TOE.
4.1 Security Objectives for the TOE
O.AUTH_COMM
The TOE will provide a means to ensure users are not communicating with some other entity
pretending to be the TOE, and that the TOE is communicating with an authorized IT entity and not
some other entity pretending to be an authorized IT entity.
O.CRYPTOGRAPHIC_FUNCTIONS
The TOE shall provide cryptographic functions (i.e., encryption/decryption and digital signature
operations) to maintain the confidentiality and allow for detection of modification of TSF data that
is transmitted between physically separated portions of the TOE, or stored outside the TOE.
O.DISPLAY_BANNER
The TOE will display an advisory warning regarding use of the TOE.
O.FAIL_SECURE
The TOE shall fail in a secure manner following failure of the power-on self tests.
O.PROTECTED_COMMUNICATIONS
The TOE will provide protected communication channels for administrators, other parts of a
distributed TOE, and authorized IT entities.
O.PROTOCOLS
The TOE will ensure that standardized protocols are implemented in the TOE to RFC and/or
Industry specifications to ensure interoperability, that also support communication with a
centralized audit server and a RADIUS authentication server.
O.REPLAY_DETECTION
The TOE will provide a means to detect and reject the replay of authentication data and other TSF
data and security attributes.
O.RESIDUAL_INFORMATION_CLEARING
The TOE will ensure that any data contained in a protected resource is not available when the
resource is reallocated.
O.RESOURCE_AVAILABILITY
The TOE shall provide mechanisms that mitigate user attempts to exhaust TOE resources (e.g.,
persistent storage).
O.ROBUST_TOE_ACCESS
The TOE will provide mechanisms that control an administrator’s logical access to the TOE and to
control administrative access from a wireless client.