Installation guide
Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
Page 63 of 85
the proper identity of the subject that causes
an audit record to be generated (e.g.,
presumed network address of an
unauthenticated user may be a spoofed
address).
FPT_STM_EXP.1 supports the audit
functionality by ensuring that the TOE is
capable of obtaining a time stamp for use in
recording audit events.
FTP_ITC_EXP.1(1) provides a trusted channel
for services provided by the TOE IT
environment (the audit server and the time
server).
O.CONFIGURATION_
IDENTIFICATION
The configuration of the
TOE is fully identified in a
manner that will allow
implementation errors to
be identified, corrected
with the TOE being
redistributed promptly.
ACM_CAP.2
ACM_SCP.1
ALC_FLR.2
ACM_CAP.1 contributes to this objective by
requiring the developer have a configuration
management plan that describes how changes
to the TOE and its evaluation deliverables are
managed.
ACM_SCP.1 is necessary to define the items
that must be under the control of the CM
system. This requirement ensures that the
TOE implementation representation, design
documentation, test documentation (including
the executable test suite), user and
administrator guidance, and CM
documentation are tracked by the CM system.
ALC_FLR.2 plays a role in satisfying this
objective by requiring the developer to have
procedures that address flaws that have been
discovered in the product, either through
developer actions (e.g., developer testing) or
discovery by others. The flaw remediation
process used by the developer corrects any
discovered flaws and performs an analysis to
ensure new flaws are not created while fixing
the discovered flaws.