Installation guide

Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target

Page 14 of 85

T.UNAUTH_ADMIN_ACCESS An unauthorized user or process may gain access to an

administrative account.

3.3 Organizational Security Policies

An organizational security policy is a set of rules, practices, and procedures imposed by an

organization to address its security needs. Table 3-3 Organizational Security Policies identifies the

organizational security policies applicable to the TOE. The policies are identical to those of

WLANAS PP.

Table 3-3 Organizational Security Policies

Policy Name Policy Definition

P.ACCESS_BANNER The TOE shall display an initial banner for administrator logins

describing restrictions of use, legal agreements, or any other

appropriate information to which users consent by accessing

the system.

P.ACCOUNTABILITY The authorized users of the TOE shall be held accountable for

their actions within the TOE.

P.CRYPTOGRAPHIC The TOE shall provide cryptographic functions for its own use,

including encryption/decryption operations.

P.CRYPTOGRAPHY_VALIDATED

Only NIST FIPS validated cryptography (methods and

implementations) are acceptable for key management (i.e.;

generation, access, distribution, destruction, handling, and

storage of keys) and cryptographic services (i.e.; encryption,

decryption, signature, hashing, key exchange, and random

number generation services).

P.ENCRYPTED_CHANNEL The TOE shall provide the capability to encrypt/decrypt

wireless network traffic between the TOE and those wireless

clients that are authorized to join the network.

P.NO_AD_HOC_NETWORKS

In accordance with the DOD Wireless Policy, there will be no

ad hoc 802.11 or 802.15 networks allowed.