Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipmentA9014CFD
21222324252627282930
Cisco Aggregation Services Router (ASR) 901 Series Security Target
Page 25 of 50
5 SECURITY REQUIREMENTS
This section identifies the Security Functional Requirements for the TOE. The Security
Functional Requirements included in this section are derived from Part 2 of the Common Criteria
for Information Technology Security Evaluation, Version 3.1, Revision 4, dated: September 2012
and all international interpretations.
5.1 Conventions
The CC defines operations on Security Functional Requirements: assignments, selections,
assignments within selections and refinements. This document uses the following font
conventions to identify the operations defined by the CC:
Assignment: Indicated with italicized text;
Refinement: Indicated with bold text;
Selection: Indicated with underlined text;
Iteration: Indicated by appending the iteration number in parenthesis, e.g., (1), (2), (3).
Where operations were completed in the NDPP itself, the formatting used in the NDPP
has been retained.
Explicitly stated SFRs are identified by having a label ‘EXT’ after the requirement name for
TOE SFRs. Formatting conventions outside of operations and iterations matches the formatting
specified within the NDPP.
5.2 TOE Security Functional Requirements
This section identifies the Security Functional Requirements for the TOE. The TOE Security
Functional Requirements that appear in the following table are described in more detail in the
following subsections.
Table 15 Security Functional Requirements
Class Name
Component
Identification
Component Name
FAU: Security audit
FAU_GEN.1
Audit data generation
FAU_GEN.2
User Identity Association
FAU_STG_EXT.1
External Audit Trail Storage
FCS: Cryptographic
support
FCS_CKM.1
Cryptographic Key Generation (for asymmetric keys)
FCS_CKM_EXT.4
Cryptographic Key Zeroization
FCS_COP.1(1)
Cryptographic Operation (for data
encryption/decryption)
FCS_COP.1(2)
Cryptographic Operation (for cryptographic signature)
FCS_COP.1(3)
Cryptographic Operation (for cryptographic hashing)
FCS_COP.1(4)
Cryptographic Operation (for keyed-hash message
authentication)
FCS_IPSEC_EXT.1
Explicit: IPSEC