Specifications
61
ALC_TAT.1 Well-defined development tools
ASE: Security Target
evaluation
ASE_CCL.1 Conformance claims
ASE_ECD.1 Extended components definition
ASE_INT.1 ST introduction
ASE_OBJ.2 Security objectives
ASE_REQ.2 Derived security requirements
ASE_SPD.1 Security problem definition
ASE_TSS.1 TOE summary specification
ATE: Tests
ATE_COV.2 Analysis of coverage
ATE_DPT.2 Testing: security enforcing modules
ATE_FUN.1 Functional testing
ATE_IND.2 Independent testing - sample
AVA: Vulnerability assessment
AVA_VAN.3 Focused vulnerability analysis
7 TOE Summary Specification
This section identifies and describes the security functions implemented by the TOE and the
assurance measures applied to ensure their correct implementation.
7.1 TOE Security Functional Requirements
Measures
The table below identifies and describes how the Security Functional Requirements identif ied
above are met by the TOE.
Table 17 TOE Security Functions
TOE SFRs
How the SFR is met
FAU_GEN.1(1)
All components of the TOE work to implement an auditing capability of security relevant events
that happen under the control of the TOE. Audit records are generated by the TOE for all of the
events that are listed in FAU_GEN.1(1) as they occur on the respective AP and Controller
components.
During installation the administrator must configure the Controller to communicate with the
syslog server via TLS for remote storage of TOE-generated audit records. Audit events
generated by the TOE contain the following fields: a timestamp, an associated user identity,
event type, and whether it was a success or failure. The timestamp that is used is based on a local
timestamp on each TOE component, which relies on a time server in the environment for