Specifications

Security Target Version 1.0 9/29/2014
Component Assurance Activity:
Since administrative functions manipulate the TSF data, the analysis performed by the evaluators
in the Assurance Activity for FMT_MOF.1 will demonstrate that this requirement is met.
5.2.5.3 Management of TSF Data (Reading of Authentication Data) (FMT_MTD.1(2))
FMT_MTD.1.1(2)
Refinement: The TSF shall prevent reading of the password-based authentication data.
Component Assurance Activity:
The evaluator shall examine the TSS to determine that it details all authentication data that are
subject to this requirement, and how they are stored in such a way that they are unable to be
viewed through an interface designed specifically for that purpose, as outlined in the application
note. If passwords or other authentication data are not stored in plaintext, the TSS shall describe
how the passwords are protected and how they are able to be used (e.g., administrator-entered
passphrase).
5.2.5.4 Management of TSF Data (for reading of all symmetric keys) (FMT_MTD.1(3))
FMT_MTD.1.1(3)
Refinement: The TSF shall prevent reading of all pre-shared keys, symmetric keys, and private
keys.
Component Assurance Activity:
The evaluator shall examine the TSS to determine that it details how any pre-shared keys,
symmetric keys, and private keys are stored and that they are unable to be viewed through an
interface designed specifically for that purpose, as outlined in the application note. If these values
are not stored in plaintext, the TSS shall describe how they are protected/obscured.
5.2.5.5 Specification of management functions (FMT_SMF.1)
FMT_SMF.1.1
The TSF shall be capable of performing the following security management functions:
- Ability to configure the list of TOE services available before an entity is identified and
authenticated, as specified in FIA_UIA.1, respectively.
- Ability to configure the cryptographic functionality.
- Ability to update the TOE, and to verify the updates using the digital signature capability
(FCS_COP.1(2)) and
- No other functions.
- Ability to configure the TOE advisory notice and consent warning message regarding
unauthorized use of the TOE.
- Ability to configure all security management functions identified in other sections of this PP.
Component Assurance Activity:
This requirement merely ensures that the mechanisms called for in other requirements are actually
instantiated in the TOE; therefore, verification that these mechanisms exist and work in a manner
consistent with the other requirements is provided through the Assurance Activities associated
with those other requirements.
5.2.5.6 Security Management Roles (FMT_SMR.1)
FMT_SMR.1.1
The TSF shall maintain the roles: Authorized Administrator; [No other roles].
FMT_SMR.1.2
The TSF shall be able to associate users with roles.
FMT_SMR.1.3
The TSF shall ensure that the conditions Authorized Administrator role shall be able to administer
the TOE locally; Authorized Administrator role shall be able to administer the TOE remotely; he