Installation guide
Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
Page 70 of 85
attacks on their authentication credentials.
FIA_ATD.1(1) Management requirements
provides additional control to supplement the
authentication requirements.
FTA_SSL.3 ensures that inactive user and
administrative sessions are dropped.
FTP_TRP.1 ensures that remote users have a
trusted path in order to authenticate.
FTP_ITC_EXP.1(1) provides a trusted channel
for services provided by the TOE IT
environment (the remote authentication
server)
O.VULNERABILITY_
ANALYSIS
The TOE will undergo
some vulnerability analysis
demonstrate the design
and implementation of the
TOE does not contain any
obvious flaws.
AVA_VLA.1
AVA_SOF.1
AVA_VLA.1 requires the developer to perform
a search for obvious vulnerabilities in all the
TOE deliverables. The developer must then
document the disposition of those obvious
vulnerabilities. The evaluator then builds upon
this analysis during vulnerability testing. This
component provides the confidence that
obvious security flaws have been either
removed from the TOE or otherwise mitigated.
AVA_SOF.1 requires that any permutational or
probabilistic mechanism in the TOE be
analyzed be found to be resistant to attackers
possessing a “low” attack potential. This
provides confidence that security mechanisms
vulnerable to guessing type attacks are
resistant to casual attack.
8.4 Rationale for TOE IT Environment Security Requirements
Table 8-3 Rationale for Requirements on the TOE IT Environment
Objective Requirements
Addressing the
Objective
Rationale