Specifications
Security Target Version 1.0 9/29/2014
5.2.4.8 User Identification and Authentication (FIA_UIA_EXT.1)
FIA_UIA_EXT.1.1
The TSF shall allow responses to the following actions prior to requiring the non-TOE entity to
initiate the identification and authentication process: Display the warning banner in accordance
with FTA_TAB.1; [no other services.]
FIA_UIA_EXT.1.2
The TSF shall require each administrative user to be successfully identified and authenticated
before allowing any other TSF-mediated actions on behalf of that administrative user.
Component Assurance Activity:
The evaluator shall examine the TSS to determine that it describes the logon process for each
logon method (local, remote (HTTPS, SSH, etc.)) supported for the product. This description shall
contain information pertaining to the credentials allowed/used, any protocol transactions that take
place, and what constitutes a 'successful logon'. The evaluator shall examine the operational
guidance to determine that any necessary preparatory steps (e.g., establishing credential material
such as pre-shared keys, tunnels, certificates, etc.) to logging in are described. For each supported
login method, the evaluator shall ensure the operational guidance provides clear instructions
for successfully logging on. If configuration is necessary to ensure the services provided before
login are limited, the evaluator shall determine that the operational guidance provides sufficient
instruction on limiting the allowed services.
The evaluator shall perform the following tests for each method by which administrators access
the TOE (local and remote), as well as for each type of credential supported by the login method:
Test 1: The evaluator shall use the operational guidance to configure the appropriate credential
supported for the login method. For that credential/login method, the evaluator shall show that
providing correct I&A information results in the ability to access the system, while providing
incorrect information results in denial of access.
Test 2: The evaluator shall configure the services allowed (if any) according to the operational
guidance, and then determine the services available to an external remote entity. The evaluator
shall determine that the list of services available is limited to those specified in the requirement.
Test 3: For local access, the evaluator shall determine what services are available to a local
administrator prior to logging in, and make sure this list is consistent with the requirement.
5.2.4.9 Extended: X509 Certificates (FIA_X509_EXT.1)
FIA_X509_EXT.1.1
The TSF shall use X.509v3 certificates as defined by RFC 5280 to support authentication for
IPsec connections and [no other protocols].
FIA_X509_EXT.1.2
The TSF shall store and protect certificate(s) from unauthorized deletion and modification.
FIA_X509_EXT.1.3
The TSF shall provide the capability for Authorized Administrators to load X.509v3 certificates
into the TOE for use by the security functions specified in this PP.
Component Assurance Activity:
In order to show that the TSF supports the use of X.509v3 certificates according to RFC 5280,
the evaluator shall ensure that the TSS describes the following information:
For each section of RFC 5280, any statement that is not 'MUST' (for example, 'MAY',
'SHOULD', 'SHOULD NOT', etc.) shall be described so that the reader can determine
whether the TOE implements that specific part of the standard;