Technical data

ManualsBrandsBrocade Communications Systems ManualsHousehold Appliances8

Brocade Communications Systems, Inc. Page 23 of 48

5.1.8 Trusted Path (FTP)

5.1.8.1 Trusted path (FTP_TRP.1)

FTP_TRP.1.1 The TSF shall provide a communication path between itself and [remote] users that is logically

distinct from other communication paths and provides assured identification of its end points and

protection of the communicated data from [disclosure, modification].

FTP_TRP.1.2 The TSF shall permit [remote users] to initiate communication via the trusted path.

FTP_TRP.1.3 The TSF shall require the use of the trusted path for [[administrator access of the TOE via

Ethernet]].

5.2 TOE Security Assurance Requirements

The security assurance requirements for the TOE are the EAL-4 components and ALC_FLR.2, as specified in Part 3

of the Common Criteria. No operations are applied to the assurance components.

EAL-4 augmented was selected as the assurance level because the TOE is a commercial product whose users require

a moderate to high level of independently assured security. ALC_FLR.2 was selected to exceed EAL-4 assurance

objectives in order to ensure that identified flaws are addressed. The TOE is targeted at a relatively benign

environment with good physical access security and competent administrators. Within such environments it is

assumed that attackers will have little attack potential. As such, EAL-4 is appropriate to provide the assurance

necessary to counter the limited potential for attack.

Requirement Class

Requirement Component

ADV: Development

ADV_ARC.1: Security architecture description

ADV_FSP.4: Complete functional specification

ADV_IMP.1: Implementation representation of the

TSF

ADV_TDS.3: Basic modular design

AGD: Guidance documents

AGD_OPE.1: Operational user guidance

AGD_PRE.1: Preparative procedures

ALC: Life-cycle support

ALC_CMC.4: Production support, acceptance

procedures and automation

ALC_CMS.4: Problem tracking CM coverage

ALC_DEL.1: Delivery procedures

ALC_DVS.1: Identification of security measures

ALC_FLR.2: Flaw reporting procedures

ALC_LCD.1: Developer defined life-cycle model

ALC_TAT.1: Well-defined development tools

ATE: Tests

ATE_COV.2: Analysis of coverage

ATE_DPT.2: Testing: security enforcing modules

ATE_FUN.1: Functional testing

ATE_IND.2: Independent testing - sample

AVA: Vulnerability assessment

AVA_VAN.3: Focused vulnerability analysis

Table 2 EAL-4 Assurance Components

5.2.1 Development (ADV)

5.2.1.1 Security architecture description (ADV_ARC.1)

ADV_ARC.1.1d The developer shall design and implement the TOE so that the security features of the TSF cannot

be bypassed.

ADV_ARC.1.2d The developer shall design and implement the TSF so that it is able to protect itself from

tampering by untrusted active entities.

ADV_ARC.1.3d The developer shall provide a security architecture description of the TSF.