Specifications
97
FMT_MTD.1(2)
FMT_SMR.1
FMT_SMF.1
This ST is based on the PP which was validated as
acceptable without the inclusion of this dependency.
FMT_MTD.1(2)
FMT_SMR.1
FMT_SMF.1
This ST is based on the PP which was validated as
acceptable without the inclusion of this dependency.
8.4 Rationale for Extended Requirements and
Extended Components Definition
Table 25 presents the rationale for the inclusion of the explicit requirements found in this ST.
These requirements were mostly derived from the PP, and were designed to fit into their respective
requirement classes: FAU, FCS, FDP, FIA, FPT, and FTP.
Table 25 Rationale for Explicit Requirements for the TOE
Explicit
Requirement
Identifier
Rationale
FCS_BCM_(EXT).1
Baseline
cryptographic
module
This explicit requirement is necessary since the CC does not provide
a means to specify a cryptographic baseline of implementation.
FCS_CKM_(EXT).2
Cryptographic
key handling and
storage
This explicit requirement is necessary since the CC does not
specifically provide components for key handling and storage.
FCS_COP_(EXT).1
Random number
generation
This explicit requirement is necessary since the CC cryptographic
operation components address only specific algorithm types and
operations requiring specific key sizes.
FDP_PUD_(EXT).1
Protection of User
Data
This explicit requirement is necessary because the Common Criteria
IFC/AFC requirements do not accommodate access control policies
that are not object/attribute based. The FDP_PUP_(EXT).1
requirement allows the administrator allow or disallow access based
upon an administrator setting indicating whether or not unencrypted
data may transit the wireless LAN.
FIA_UAU_(EXT).5(1)
Multiple
authentication
mechanisms
This explicit requirement is needed for local administrators because
there is concern over whether or not existing CC requirements
specifically require that the TSF provide authentication.
Authentication provided by the TOE is implied by other FIA_UAU
requirements and is generally assumed to be a requirement when
other FIA_UAU requirements are included in a TOE. In order to
remove any potential confusion about this PP, an explicit requirement
for authentication has been included. This PP also requires the IT
environment to provide an authentication server to be used for
authentication of remote users. It is important to specify that the TSF
must provide the means for local administrator authentication in case
the TOE cannot communicate with the authentication server. In
addition, the TOE must provide the portions of the authentication