Manualshelf

Specifications

ManualsBrandsAruba ManualsComputer equipment620
21222324252627282930
Security Target Version 1.0 9/29/2014
21
5. IT Security Requirements
This section defines the Security Functional Requirements (SFRs) and Security Assurance Requirements (SARs)
that serve to represent the security functional claims for the Target of Evaluation (TOE) and to scope the evaluation
effort.
The SFRs have all been drawn from the Protection Profile (PP): Protection Profile for Wireless Local Area Network
(WLAN) Access Systems, version 1.0, 01 December 2011 (WLASPP). The refinements and operations already
performed in that PP are not identified (e.g., highlighted) here, rather the requirements have been copied from that
PP and any residual operations have been completed herein. Of particular note, the WLASPP made a number of
refinements and completed some of the SFR operations defined in the Common Criteria (CC) and that PP should be
consulted to identify those changes if necessary.
The SARs are also drawn from the WLASPP which includes all the SARs for EAL1 as defined in the CC. However,
the SARs are effectively refined since requirement-specific 'Assurance Activities' are defined in the WLASPP that
serve to ensure corresponding evaluations will yield more practical and consistent assurance than the EAL1
assurance requirements alone. As such, those assurance activities have been reproduced in this ST to ensure they are
included within the scope of the evaluation effort.
5.1 Extended Requirement Definitions
All of the extended requirements in this ST have been drawn from the WLASPP. The WLASPP defines the
following extended SFRs and since they are not redefined in this ST, the WLASPP should be consulted for more
information in regard to those CC extensions.
FAU_STG_EXT.1: External Audit Trail Storage
FAU_STG_EXT.3: Action in Case of Loss of Audit Server Connectivity
FCS_CKM_EXT.4: Cryptographic Key Zeroization
FCS_HTTPS_EXT.1: Explicit: HTTPS
FCS_IPSEC_EXT Extended: Internet Protocol Security (IPsec) Communications
FCS_RBG_EXT.1 Extended: Cryptographic operation (Random Bit Generation)
FCS_SSH_EXT.1: Explicit: SSH
FCS_TLS_EXT.1: Explicit: TLS
FIA_PMG_EXT.1: Password Management
FIA_UIA_EXT.1 User Identification and Authentication
FIA_UAU_EXT.5 Extended: Password-based Authentication Mechanisms
FIA_8021X_EXT.1 Extended: 802.1X Port Access Entity (Authenticator) Authentication
FIA_PSK_EXT.1 Extended: Pre-Shared Key Composition
FIA_X509_EXT.1 Extended: X509 Certificates
FPT_TST_EXT.1: TSF Testing
FPT_TUD_EXT.1: Extended: Trusted Update
FTA_SSL_EXT.1: TSF-initiated session locking
5.2 TOE Security Functional Requirements
The following table identifies the SFRs that are satisfied by Mobility Controller and Access Point Series TOE.