Specifications
Security Target Version 1.0 9/29/2014
repeat Test 1 using the minimum length; the maximum length; and an invalid length. The
minimum and maximum length tests should be successful, and the invalid length must be rejected
by the TOE.
Test 3 [conditional]: If the TOE does not generate bit-based pre-shared keys, the evaluator shall
obtain a bit-based pre-shared key of the appropriate length and enter it according to the
instructions in the operational guidance. The evaluator shall then demonstrate that a successful
protocol negotiation can be performed with the key.
Test 4 [conditional]: If the TOE does generate bit-based pre-shared keys, the evaluator shall
generate a bit-based pre-shared key of the appropriate length and use it according to the
instructions in the operational guidance. The evaluator shall then demonstrate that a successful
protocol negotiation can be performed with the key.
5.2.4.5 Re-authenticating (FIA_UAU.6)
FIA_UAU.6.1
The TSF shall re-authenticate the administrative user under the conditions: when the user changes
their password, [no other conditions].
Application Note: Only administrators with “root” privilege level can change passwords. Users without “root”
privilege cannot change any password, even their own.
Component Assurance Activity:
The evaluator shall perform the following test for each of the conditions specified in the
requirement:
Test 1: The evaluator shall attempt to change their password as directed by the operational
guidance. While making this attempt, the evaluator shall verify that re-authentication is required.
5.2.4.6 Protected Authentication Feedback (FIA_UAU.7)
FIA_UAU.7.1
The TSF shall provide only obscured feedback to the administrative user while the authentication
is in progress at the local console.
Component Assurance Activity:
The evaluator shall perform the following test for each method of local login allowed:
Test 1: The evaluator shall locally authenticate to the TOE. While making this attempt, the
evaluator shall verify that at most obscured feedback is provided while entering the authentication
information.
5.2.4.7 Extended: Password-based Authentication Mechanisms (FIA_UAU_EXT.5)
FIA_UAU_EXT.5.1
The TSF shall provide a local password-based authentication mechanism, [[LDAP, RADIUS, and
TACACS+-based authentication]] to perform administrative user authentication.
FIA_UAU_EXT.5.2
The TSF shall ensure that administrative users with expired passwords are [locked out until their
password is reset by an administrator].
Component Assurance Activity:
Assurance activities for this requirement are covered under those for FIA_UIA_EXT.1. If other
authentication mechanisms are specified, the evaluator shall include those methods in the activities
for FIA_UIA_EXT.1.