Technical data
Brocade Communications Systems, Inc. Page 44 of 48
O.ACCESS
O.ADMIN_ROLE
O.AUDIT_GNEERATION
O.MANAGE
O.TOE_PROTECTION
O.
USER_AUTHENTICATION
O.
USER_IDENTIFICATION
FMT_MSA.3 (1)
x
FMT_MSA.3 (2)
x
FMT_MTD.1(1)
x
FMT_MTD.1(2)
x
FMT_SMF.1
x
FMT_SMR.1
x
x
FPT_STM.1
x
FTA_MCS.1
x
FTA_TSE.1
x
FTP_TRP.1
x
ADV_ARC.1
x
Table 5 Objective to Requirement Correspondence
8.2.1.1 O.ACCESS
The TOE will ensure that users gain only authorized access to the TOE and to the resources that the TOE
controls.
This TOE Security Objective is satisfied by ensuring that:
• FDP_ACC.1, FDP_ACF.1: The TOE provides the ability to restrict block-read and block-write operations
to connected storage devices that are initiated by host bus adapters. Host bus adapter can only access
storage devices that are members of the same zone.
• FDP_IFC.1, FDP_IFF.1: For models of the product supporting user data encryption the TOE provides the
ability to encrypt/decrypt block-read and block-write operations to connected storage devices that are
initiated by the host bus adapter.
8.2.1.2 O.ADMIN_ROLE
The TOE will provide authorized administrator roles to isolate administrative actions thus limiting the
scope of errors that an administrator may cause.
This TOE Security Objective is satisfied by ensuring that:
• FMT_SMR.1: The TOE maintains only administrative roles.
8.2.1.3 O.AUDIT_GENERATION
The TOE will provide the capability create records of security relevant events associated with users.
This TOE Security Objective is satisfied by ensuring that: