Installation guide
Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
Page 49 of 85
T.MASQUERADE
A user may masquerade as an
authorized user or the
authentication server to gain
access to data or TOE resources.
O.TOE_ACCESS
The TOE will provide
mechanisms that control a
user’s logical access to the
TOE.
OE.TOE_ACCESS
The environment will provide
mechanisms that support the
TOE in providing users
logical access to the TOE.
OE.TOE_NO_BYPASS
Wireless clients are
configured so that information
cannot flow between a
wireless client and any other
wireless client or host
networked to the TOE without
passing through the TOE.
O.TOE_ACCESS mitigates this
threat by controlling logical
access to the TOE and its
resources. By constraining how
and when authorized users can
access the TOE, and by
mandating the type and
strength of the authentication
mechanism, this objective
helps mitigate the possibility of
a user attempting to login and
masquerade as an authorized
user. In addition, this objective
provides the administrator the
means to control the number of
failed login attempts a user can
generate before an account is
locked out, further reducing the
possibility of a user gaining
unauthorized access to the
TOE. Finally, the TOE includes
requirements that ensure
protected channels are used to
authenticate wireless users
and to communicate with
critical portions of the TOE IT
environment.
OE.TOE_ACCESS supports
TOE authentication by
providing an authentication
server in the TOE IT
environment. The environment
also includes requirements that
ensure protected channels are
used to communicate with
critical portions of the TOE IT
environment.
OE.TOE_NO_BYPASS
contributes to mitigating this
threat by ensuring that wireless
clients must be configured for
all information can not be
flowing between a wireless
client and another client or
other host on the network
without passing through the
TOE.