Specifications
Cisco Aggregation Services Router (ASR) 901 Series Security Target
Page 35 of 50
5.2.1.2 FTP_TRP.1 Trusted Path
FTP_TRP.1.1 Refinement: The TSF shall use [SSH] provide a trusted communication path
between itself and remote administrators that is logically distinct from other communication
paths and provides assured identification of its end points and protection of the communicated
data from disclosure and detection of modification of the communicated data.
FTP_TRP.1.2 Refinement: The TSF shall permit remote administrators to initiate
communication via the trusted path.
FTP_TRP.1.3 The TSF shall require the use of the trusted path for initial administrator
authentication and all remote administration actions.
5.3 TOE SFR Dependencies Rationale for SFRs Found in NDPP
The Security Functional Requirements (SFRs) in this Security Target represent the SFRs
identified in the NDPPv1.1. As such, the NDPP SFR dependency rationale is deemed acceptable
since the PP itself has been validated.
5.4 Security Assurance Requirements
5.4.1 SAR Requirements
The TOE assurance requirements for this ST are taken directly from the NDPP which are derived
from Common Criteria Version 3.1, Revision 4. The assurance requirements are summarized in
the table below.
Table 17: Assurance Measures
Assurance Class
Components
Components Description
DEVELOPMENT
ADV_FSP.1
Basic Functional Specification
GUIDANCE DOCUMENTS
AGD_OPE.1
Operational user guidance
AGD_PRE.1
Preparative User guidance
LIFE CYCLE SUPPORT
ALC_CMC.1
Labeling of the TOE
ALC_CMS.1
TOE CM coverage
TESTS
ATE_IND.1
Independent testing - conformance
VULNERABILITY
ASSESSMENT
AVA_VAN.1
Vulnerability analysis