Installation guide
Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
O.CRYPTOGRAPHY_VALIDATED
The TOE will use NIST FIPS 140-1/2 validated cryptomodules for cryptographic services implementing NIST-approved security functions and random number generation services used by cryptographic functions.
FCS_BCM_EXP.1
FCS_CKM.1
FCS_CKM_EXP.2
FCS_CKM.4
FCS_COP_EXP.1
FCS_COP_EXP.2
The FCS requirements satisfy this objective by levying requirements that ensure the cryptographic standards include the NIST FIPS publications (where possible) and NIST approved ANSI standards. The intent is to have the satisfaction of the cryptographic standards be validated through a NIST FIPS 140-1/2 validation.
FCS_BCM_EXP.1 is an explicit requirement that specifies the NIST FIPS rating level that the cryptographic module must satisfy. The level specifies the degree of testing of the module. The higher the level, the more extensively the module is tested.
FCS_CKM.1 ensures that, if necessary, the TOE is capable of generating cryptographic keys.
FCS_CKM_EXP.2 Cryptographic Key Handling and Storage requires that FIPS PUB 140-1/2 be satisfied when performing key entry and output.
FCS_CKM.4 mandates the standards (FIPS 140-1/2) that must be satisfied when the TOE performs Cryptographic Key Zeroization.
FCS_COP_EXP.1 requires that a NIST approved random number generator is used.
FCS_COP_EXP.2 requires for data decryption and encryption that a NIST approved algorithm is used, and that the algorithm meets the FIPS PUB 140-1/2 standard.
O.DISPLAY_BANNER
The TOE will display an advisory warning regarding use of the TOE prior to permitting the use of any TOE services that require authentication.
FTA_TAB.1
FTA_TAB.1 meets this objective by requiring that the TOE display an administrator defined banner before a user can establish an authenticated session. This banner is under complete control of the administrator, who can specify any warnings regarding unauthorized use of the TOE and remove any product or version information if they desire. The only time that it is envisioned that an authenticated session would need to be established is for the performance of TOE administration. Bannering is not necessary prior to use of services that pass network traffic through the TOE.