User guide

Aruba Networks Security Target
Authorized Administrator role shall be able to administer the
TOE remotely;
are satisfied.
5.3.7 Protection of the TSF (FPT)
FPT_SKP_EXT.1 Extended: Protection of TSF Data (for reading of all
symmetric keys)
FPT_SKP_EXT.1.1 The TSF shall prevent reading of all pre-shared keys, symmetric keys,
and private keys.
Application Note: The intent of the requirement is that an administrator is unable to read or
view the identified keys (stored or ephemeral) through “normal”
interfaces. While it is understood that the administrator could directly
read memory to view these keys, doing so is not a trivial task and may
require substantial work on the part of an administrator. Since the
administrator is considered a trusted agent, it is assumed they would not
endeavor in such an activity.
FPT_APW_EXT.1 Extended: Protection of Administrator Passwords
FPT_APW_EXT.1.1 The TSF shall store passwords in non-plaintext form.
FPT_APW_EXT.1.2 The TSF shall prevent the reading of plaintext passwords.
Application Note: The intent of the requirement is that raw password authentication data
are not stored in the clear, and that no user or administrator is able to
read the plaintext password through “normal” interfaces. An all-powerful
administrator of course could directly read memory to capture a
password but is trusted not to do so.
FPT_STM.1 Reliable Time Stamps
FPT_STM.1.1 The TSF shall be able to provide reliable time stamps for its own use.
FPT_TUD_EXT.1 Extended: Trusted Update
FPT_TUD_EXT.1.1 The TSF shall provide security administrators the ability to query the
current version of the TOE firmware/software.
FPT_TUD_EXT.1.2 The TSF shall provide security administrators the ability to initiate
updates to TOE firmware/software.
FPT_TUD_EXT.1.3 The TSF shall provide a means to verify firmware/software updates to
the TOE using a digital signature mechanism prior to installing those
updates.
FPT_TST_EXT.1 TSF Testing