System information
Cisco Cat3K ST 6 June 2012
26
Functional Component
FAU_SAR.1: Audit review
FAU_STG.1: Protected audit trail storage
FCS: Cryptographic support
FCS_CKM.1(1): Cryptographic key generation - RSA
FCS_CKM.1(2): Cryptographic key generation - AES
FCS_CKM.4: Cryptographic key zeroization
FCS_COP.1(1): Cryptographic operation (for RSA encryption/decryption)
FCS_COP.1(2): Cryptographic operation (for AES encryption/decryption)
FCS_COP.1(3): Cryptographic operation (for RNG)
FCS_COP.1(4) Cryptographic operation (for MD5 hashing)
FCS_SSH_EXT.1: SSH
FDP: User data protection FDP_ACC.2: Complete access control (PRIVAC)
FDP_ACF.1: Security attribute based access control (PRIVAC)
FDP_IFC.1(1) Subset Information Flow Control – VLAN
FDP_IFC.1(2) Subset Information Flow Control - ACL
FDP_IFC.1(3) Subset Information Flow Control - VACL
FDP_IFF.1(1) Simple Security Attributes – VLAN
FDP_IFF.1(2) Simple Security Attributes – ACL
FDP_IFF.1(3) Simple Security Attributes – VACL
FDP_RIP.2: Full residual information protection
FIA: Identification and
authentication
FIA_ATD.1 User attribute definition
FIA_UAU.2 User authentication before any action
FIA_UAU.5: Password-based authentication mechanism
FIA_UAU.7: Protected authentication feedback
FIA_UID.2 User identification before any action
FMT: Security management
FMT_MOF.1 Management of Security Functions Behavior
FMT_MSA.2 Secure Security Attributes
FMT_MSA.3(1) Static Attribute Initialization (Traffic Flow)
FMT_MSA.3(2) Static Attribute Initialization (Access Control)
FMT_MTD.1: Management of TSF data
FMT_SMF.1: Specification of management functions
FMT_SMR.1: Security roles
FPT: Protection of the TSF
FPT_RPL.1: Replay detection
FPT_STM.1: Reliable time stamps