Specifications

ManualsBrandsAruba ManualsComputer equipment620

Security Target Version 1.0 9/29/2014

Appendix C and the assurance activities associated with those requirements provide details on the

guidance necessary for both the TOE and operational environment.

As indicated in the introductory material, administration of the TOE is performed by administrator

role. At a high level, the guidance must contain the appropriate instructions to allow local and

remote authenticated administrator access.

5.3.3 Life-cycle support (ALC)

5.3.3.1 Labelling of the TOE (ALC_CMC.1)

ALC_CMC.1.1d

The developer shall provide the TOE and a reference for the TOE.

ALC_CMC.1.1c

The TOE shall be labelled with its unique reference.

ALC_CMC.1.1e

The evaluator shall confirm that the information provided meets all requirements for content and

presentation of evidence.

Component Assurance Activity:

The evaluator shall check the ST to ensure that it contains an identifier (such as a product

name/version number) that specifically identifies the version that meets the requirements of the

ST. Further, the evaluator shall check the AGD guidance and TOE samples received for testing to

ensure that the version number is consistent with that in the ST. If the vendor maintains a web site

advertising the TOE, the evaluator shall examine the information on the web site to ensure that the

information in the ST is sufficient to distinguish the product.

5.3.3.2 TOE CM coverage (ALC_CMS.1)

ALC_CMS.1.1d

The developer shall provide a configuration list for the TOE.

ALC_CMS.1.1c

The configuration list shall include the following: the TOE itself; and the evaluation evidence

required by the SARs.

ALC_CMS.1.2c

The configuration list shall uniquely identify the configuration items.

ALC_CMS.1.1e

The evaluator shall confirm that the information provided meets all requirements for content and

presentation of evidence.

Component Assurance Activity:

The 'evaluation evidence required by the SARs' in this PP is limited to the information in the ST

coupled with the guidance provided to administrators and users under the AGD requirements. By

ensuring that the TOE is specifically identified and that this identification is consistent in the ST

and in the AGD guidance (as done in the assurance activity for ALC_CMC.1), the evaluator

implicitly confirms the information required by this component.

5.3.4 Tests (ATE)

5.3.4.1 Independent testing - conformance (ATE_IND.1)

ATE_IND.1.1d

The developer shall provide the TOE for testing.

ATE_IND.1.1c

The TOE shall be suitable for testing.

ATE_IND.1.1e

The evaluator shall confirm that the information provided meets all requirements for content and

presentation of evidence.