System information

Cisco Cat3K ST 6 June 2012
FIA_UAU.5         X
FIA_UAU.7         X
FIA_UID.2         X
FMT_MOF.1         X
FMT_MSA.2         X
FMT_MSA.3(1)(2)   X X
FMT_MTD.1         X
FMT_SMF.1         X
FMT_SMR.1         X X X
FPT_RPL.1         X
FPT_STM.1         X X
FPT_TST_EXT.1     X
FTA_SSL.3         X X X X
FTA_TAB.1         X

Table 20: TOE Security Objective to Security Functional Requirements Rationale
Objective Rationale
O.ACCESS_CONTROL The TOE will restrict access to the TOE management functions to the authorized administrators. The TOE is required to provide the ability to restrict the use of TOE management/administration/security functions to authorized administrators of the TOE. These functions are performed on the TOE by the authorized administrators [FMT_MOF.1]. Only authorized administrators of the TOE may modify TOE data [FMT_MTD.1] and delete audit data stored locally on the TOE [FAU_STG.1]. The TOE must be able to recognize the administrative privilege level that exists for the TOE [FMT_SMR.1]. The TOE must allow the privileged administrator to specify alternate initial values when an object is created [FMT_MSA.3(2)], and [FDP_ACC.2/FDP_ACF.1] ensures that access to the commands is controlled. The TOE ensures that all user actions resulting in access to TOE security functions and configuration data are controlled. The TOE ensures that access to TOE security functions and configuration data is based on the assigned user privilege level. The SFR FTA_SSL.3 also meets this objective by terminating a session when the inactivity time limit is met or exceeded.
O.ADMIN_ROLE The TOE will provide administrator privilege levels to isolate administrative actions by configuring and assigning privilege levels [FMT_SMR.1], thus controlling access to the commands [FDP_ACC.2/FDP_ACF.1]. The TOE will also make the administrative functions available locally and remotely.
O.AUDIT_GEN The TOE will generate audit records which will include the time that the event occurred and, if applicable, the identity of the user performing the event. Security relevant events must be defined and