Manualshelf

Specifications

ManualsBrandsAruba ManualsComputer equipment620
51525354555657585960
Security Target Version 1.0 9/29/2014
55
FTP_TRP.1.2
Refinement: The TSF shall permit remote administrators to initiate communication via the trusted
path.
FTP_TRP.1.3
The TSF shall require the use of the trusted path for initial administrator authentication and all
remote administration actions.
Component Assurance Activity:
The evaluator shall examine the TSS to determine that the methods of remote TOE administration
are indicated, along with how those communications are protected. The evaluator shall also
confirm that all protocols listed in the TSS in support of TOE administration are consistent with
those specified in the requirement, and are included in the requirements in the ST. The evaluator
shall confirm that the operational guidance contains instructions for establishing the remote
administrative sessions for each supported method. The evaluator shall also perform the following
tests:
Test 1: The evaluators shall ensure that communications using each specified (in the operational
guidance) remote administration method is tested during the course of the evaluation, setting up
the connections as described in the operational guidance and ensuring that communication is
successful.
Test 2: For each method of remote administration supported, the evaluator shall follow the
operational guidance to ensure that there is no available interface that can be used by a remote user
to establish a remote administrative session without invoking the trusted path.
Test 3: The evaluator shall ensure, for each method of remote administration, the channel data is
not sent in plaintext.
Test 4: The evaluator shall ensure, for each method of remote administration, modification of the
channel data is detected by the TOE.
Further assurance activities are associated with the specific protocols.
5.3 TOE Security Assurance Requirements
The SARs for the TOE are the EAL 1 components as specified in Part 3 of the Common Criteria. Note that the
SARs have effectively been refined with the assurance activities explicitly defined in association with both the SFRs
and SARs.
Requirement Class
Requirement Component
ADV: Development
ADV_FSP.1: Basic functional specification
AGD: Guidance documents
AGD_OPE.1: Operational user guidance
AGD_PRE.1: Preparative procedures
ALC: Life-cycle support
ALC_CMC.1: Labelling of the TOE
ALC_CMS.1: TOE CM coverage
ATE: Tests
ATE_IND.1: Independent testing - conformance
AVA: Vulnerability assessment
AVA_VAN.1: Vulnerability survey
Table 3 EAL 1 Assurance Components