Specifications
Security Target Version 1.0 9/29/2014
90
8.2.1.13 O.TIME_STAMPS
The TOE shall provide reliable time stamps and the capability for the administrator to set the time used for
these timestamps.
This TOE Security Objective is satisfied by ensuring that:
• FPT_STM.1: Requires that the TOE be able to provide reliable time stamps for its own use and therefore,
partially satisfies this objective. Time stamps include date and time and are reliable in that they are always
available to the TOE, and the clock must be monotonically increasing.
8.2.1.14 O.TOE_ADMINISTRATION
The TOE will provide mechanisms to ensure that only administrators are able to log in and configure the
TOE, and provide protections for logged-in administrators.
This TOE Security Objective is satisfied by ensuring that:
• FIA_PMG_EXT.1: Defines management capabilities and requirements for administrator specification of
password/secret strength.
• FIA_UAU_EXT.5: Requires that the TSF provides local authentication methods (one of which is required
to be a local password-based mechanism, with other optional (potentially off-box) mechanisms allowed) to
ensure that unauthorized users cannot gain logical access to the TOE.
• FMT_MOF.1: Restricts the ability to manage certain functionality and identify security attributes of an
authorized administrator.
• FMT_MTD.1(1): Restricts the ability to manage certain functionality and identify security attributes of an
authorized administrator.
• FMT_MTD.1(2): Restricts the ability to manage certain functionality and identify security attributes of an
authorized administrator.
• FMT_MTD.1(3): Restricts the ability to manage certain functionality and identify security attributes of an
authorized administrator.
• FMT_SMF.1: Specifies the management functions that an only administrator must perform.
• FMT_SMR.1: Defines at least one administrator role (Authorized Administrator) to perform administrative
actions. The TSF is able to associate a human user to this role.
• FTP_TRP.1: Requires that the TSF provide a trusted path for remote administration.
8.2.1.15 O.TSF_SELF_TEST
The TOE will provide the capability to test some subset of its security functionality to ensure it is operating
properly.
This TOE Security Objective is satisfied by ensuring that:
• FPT_FLS.1: Requires that on a detected failure the TOE maintains a secure state.
• FPT_TST_EXT.1: Requires the TOE to provide a suite of self tests to assure the correct operation of the
TSF.
8.2.1.16 O.VERIFIABLE_UPDATES
The TOE will provide the capability to help ensure that any updates to the TOE can be verified by the
administrator to be unaltered and (optionally) from a trusted source.
This TOE Security Objective is satisfied by ensuring that:
• FCS_COP.1(2) and FCS_COP.1(3) specify digital signature algorithms and hash functions used in
verification of updates.
• FPT_TUD_EXT.1: Provides a way to determine the version of firmware running, initiate an update, and
verify the firmware/software updates to the TOE prior to installation.
8.2.1.17 O.WIRELESS_CLIENT_ACCESS
The TOE will provide the capability to restrict a wireless client in connecting to the TOE.