Specifications

ManualsBrandsCisco ManualsComputer equipment4404 - Wireless LAN Controller

6 SECURITY REQUIREMENTS .................................................................................................... 39

6.1 TOE SECURITY FUNCTIONAL REQUIREMENTS ............................................................................................... 40

6.1.1 FAU_GEN.1(1) Audit Data Generation ............................................................................................. 42

6.1.2 FAU_GEN.2 User Identity Association .............................................................................................. 45

6.1.3 FAU_SEL.1(1) Selective Audit ............................................................................................................ 45

6.1.4 FCS_BCM_(EXT).1 Extended: Baseline Cryptographic Module ........................................................ 45

6.1.5 FCS_CKM.1(1) Cryptographic Key Generation (for symmetric keys) ............................................... 45

6.1.6 FCS_CKM.1(2) Cryptographic Key Generation (for asymmetric keys) ............................................. 45

6.1.7 FCS_CKM.2 Cryptographic Key Distribution ..................................................................................... 46

6.1.8 FCS_CKM_(EXT).2 Extended: Cryptographic Key Handling & Storage ........................................... 46

6.1.9 FCS_CKM.4 Cryptographic Key Destruction ..................................................................................... 46

6.1.10 FCS_COP.1(1) Cryptographic Operation (Data Encryption/Decryption) ........................................ 46

6.1.11 FCS_COP.1(2) Cryptographic Operation (Cryptographic Signatures) ............................................ 46

6.1.12 FCS_COP.1(3) Cryptographic Operation (Hashing) ........................................................................ 47

6.1.13 FCS_COP.1(4) Cryptographic Operation (Cryptographic Key Agreement) ..................................... 47

6.1.14 FCS_COP_(EXT).1 Extended: Random Number Generation ........................................................... 47

6.1.15 FDP_PUD_(EXT).1 Extended: Protection of User Data .................................................................. 47

6.1.16 FDP_RIP.1(1) Subset Residual Information Protection .................................................................... 47

6.1.17 FIA_AFL.1(1) Administrator Authentication Failure Handling ....................................................... 48

6.1.18 FIA_ATD.1(1) Administrator Attribute Definition........................................................................... 48

6.1.19 FIA_ATD.1(2) User Attribute Definition ......................................................................................... 48

6.1.20 FIA_UAU.1 Timing of Local Authentication .................................................................................... 48

6.1.21 FIA_UAU_(EXT).5(1) Extended: Multiple Authentication Mechanisms .......................................... 48

6.1.22 FIA_UID.2 User Identification Before any Action ........................................................................... 49

6.1.23 FIA_USB.1(1) User-Subject Binding (Administrator) ....................................................................... 49

6.1.24 FIA_USB.1(2) User-Subject Binding (Wireless User) ....................................................................... 49

6.1.25 FMT_MOF.1(1) Management of Cryptographic Security Functions Behavior ................................ 49

6.1.26 FMT_MOF.1(2) Management of Audit Security Functions Behavior .............................................. 50

6.1.27 FMT_MOF.1(3) Management of Authentication Security Functions Behavior ................................ 50

6.1.28 FMT_MSA.2 Secure Security Attributes ........................................................................................... 50

6.1.29 FMT_MTD.1(1) Management of Audit Pre-selection Data .............................................................. 50

6.1.30 FMT_MTD.1(2) Management of Authentication Data (Administrator) ........................................... 50

6.1.31 FMT_MTD.1(3) Management of Authentication Data (User) .......................................................... 51

6.1.32 FMT_SMF.1(1) Specification of Management Functions (Cryptographic Function) ....................... 51

6.1.33 FMT_SMF.1(2) Specification of Management Functions (TOE Audit Record Generation) ............. 51

6.1.34 FMT_SMF.1(3) Specification of Management Functions (Cryptographic Key Data)....................... 51

6.1.35 FMT_SMR.1(1) Security Roles ......................................................................................................... 51

6.1.36 FPT_ITT.1 Basic Internal TSF Data Transfer Protection ................................................................. 51

6.1.37 FPT_STM_(EXT).1 Extended: Reliable Time Stamps ....................................................................... 51

6.1.38 FPT_TST_(EXT).1 Extended: TSF Testing ........................................................................................ 51

6.1.39 FPT_TST.1(1) TST Testing (for cryptography) ................................................................................. 52

6.1.40 FPT_TST.1(2) TSF Testing (for key generation components) ........................................................... 52

6.1.41 FTA_SSL.3 TSF-Initiated Termination ............................................................................................. 52

6.1.42 FTA_TAB.1 Default TOE Access Banners ........................................................................................ 52

6.1.43 FTP_ITC_(EXT).1 Extended: Inter-TSF Trusted Channel ................................................................ 53

6.1.44 FTP_TRP.1 Trusted Path .................................................................................................................. 53

6.1.45 IPS_SDC_(EXT).1 Extended: wIPS Data Collection ........................................................................ 53

6.1.46 IPS_ANL_(EXT).1 Extended: wIPS Analysis ..................................................................................... 55

6.1.47 IPS_RCT_(EXT).1 Extended: wIPS Reaction .................................................................................... 55

6.2 SECURITY REQUIREMENTS FOR THE IT ENVIRONMENT .................................................................................. 56

6.2.1 FAU_GEN.1(2) Audit Data Generation ............................................................................................. 56

6.2.2 FAU_SAR.1 Audit Review ................................................................................................................... 57

6.2.3 FAU_SAR.2 Restricted Audit Review .................................................................................................. 57

6.2.4 FAU_SAR.3 Selectable Audit Review ................................................................................................ 58

6.2.5 FAU_STG.1 Protected audit trail storage ........................................................................................... 58