Installation guide

Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
wireless clients may be configured by administrators that are not administrators of this TOE, then that guidance may be user guidance from the perspective of this TOE.
AVA_MSU.1 ensures that the guidance documentation can be followed unambiguously to ensure the TOE is not misconfigured in an insecure state due to confusing guidance.
O.AUDIT_GENERATION
The TOE will provide the capability to detect and create records of security-relevant events associated with users.
FAU_GEN.1(1)
FAU_GEN.2
FAU_SEL.1
FIA_USB.1(1),(2)
FPT_STM_EXP.1
FTP_ITC_EXP.1(1)
FAU_GEN.1(1) defines the set of events that the TOE must be capable of recording. This requirement ensures that the administrator has the ability to audit any security relevant event that takes place in the TOE. This requirement also defines the information that must be contained in the audit record for each auditable event. There is a minimum of information that must be present in every audit record and this requirement defines that, as well as the additional information that must be recorded for each auditable event. This requirement also places a requirement on the level of detail that is recorded on any additional security functional requirements an ST author adds to this ST.
FAU_GEN.2 ensures that the audit records associate a user identity with the auditable event. In the case of authorized users, the association is accomplished with the user ID. In all other cases, the association is based on the source network identifier, which is presumed to be the correct identity, but cannot be confirmed since these subjects are not authenticated.
FAU_SEL.1 allows for the selection of events to be audited. This requires that the criteria used for the selection of auditable events be defined. For example, the user identity can be used as a selection criterion for the events to be audited.
FIA_USB.1(1),(2) play a role in satisfying this objective by requiring a binding of security attributes associated with users that are authenticated with the subjects that represent them in the TOE. This only applies to authorized users, since the identity of unauthenticated users cannot be confirmed. Therefore, the audit trail may not always have