Specifications
Security Target Version 1.0 9/29/2014
20
O.SESSION_LOCK
The TOE shall provide mechanisms that mitigate the risk of unattended sessions being hijacked.
O.SYSTEM_MONITORING
The TOE will provide the capability to generate audit data and send those data to an external IT
entity.
O.TIME_STAMPS
The TOE shall provide reliable time stamps and the capability for the administrator to set the time
used for these timestamps.
O.TOE_ADMINISTRATION
The TOE will provide mechanisms to ensure that only administrators are able to log in and
configure the TOE, and provide protections for logged-in administrators.
O.TSF_SELF_TEST
The TOE will provide the capability to test some subset of its security functionality to ensure it is
operating properly.
O.VERIFIABLE_UPDATES
The TOE will provide the capability to help ensure that any updates to the TOE can be verified by
the administrator to be unaltered and (optionally) from a trusted source.
O.WIRELESS_CLIENT_ACCESS
The TOE will provide the capability to restrict a wireless client in connecting to the TOE.
4.2 Security Objectives for the Environment
OE.NO_GENERAL_PURPOSE
There are no general-purpose computing capabilities (e.g., compilers or user applications)
available to the TOE, other than those services necessary for the operation, administration and
support of the TOE.
OE.NO_TOE_BYPASS
Information cannot flow between external and internal networks located in different enclaves
without passing through the TOE.
OE.PHYSICAL
Physical security, commensurate with the value of the TOE and the data it contains, is assumed to
be provided by the IT environment.
OE.TRUSTED_ADMIN
TOE Administrators are trusted to follow and apply all administrator guidance in a trusted manner.