
Security Target Version 1.02, 08/16/2013
5.3 TOE Security Assurance Requirements
The security assurance requirements for the TOE are the EAL 1 components as specified in Part 3 of the Common
Criteria (with the exception of some name changes in accordance with the NDPP). The SARs have effectively been
refined with the assurance activities explicitly defined in association with both the SFRs and SARs.
ADV_FSP.1 Basic functional specification
AGD_OPE.1 Operational user guidance
AGD_PRE.1 Preparative procedures
ALC_CMC.1 Labeling of the TOE
ALC_CMS.1 TOE CM coverage
ATE_IND.1 Independent testing - conformance
AVA: Vulnerability assessment
AVA_VAN.1 Vulnerability survey
Table 4 Assurance Components
5.3.1 Development (ADV)
5.3.1.1 Basic functional specification (ADV_FSP.1)
ADV_FSP.1.1d The developer shall provide a functional specification.
ADV_FSP.1.2d The developer shall provide a tracing from the functional specification to the SFRs.
ADV_FSP.1.1c The functional specification shall describe the purpose and method of use for each SFR-enforcing
and SFR-supporting TSFI.
ADV_FSP.1.2c The functional specification shall identify all parameters associated with each SFR-enforcing and
SFR-supporting TSFI.
ADV_FSP.1.3c The functional specification shall provide rationale for the implicit categorization of interfaces as
SFR-non-interfering.
ADV_FSP.1.4c The tracing shall demonstrate that the SFRs trace to TSFIs in the functional specification.
ADV_FSP.1.1e The evaluator shall confirm that the information provided meets all requirements for content and
presentation of evidence.
ADV_FSP.1.2e The evaluator shall determine that the functional specification is an accurate and complete
instantiation of the SFRs.
5.3.2 Guidance documents (AGD)
5.3.2.1 Operational user guidance (AGD_OPE.1)
AGD_OPE.1.1d The developer shall provide operational user guidance.
AGD_OPE.1.1c The operational user guidance shall describe, for each user role, the user-accessible functions and
privileges that should be controlled in a secure processing environment, including appropriate
warnings.
AGD_OPE.1.2c The operational user guidance shall describe, for each user role, how to use the available interfaces
provided by the TOE in a secure manner.
AGD_OPE.1.3c The operational user guidance shall describe, for each user role, the available functions and
interfaces, in particular all security parameters under the control of the user, indicating secure
values as appropriate.
AGD_OPE.1.4c The operational user guidance shall, for each user role, clearly present each type of
security-relevant event relative to the user-accessible functions that need to be performed, including
changing the security characteristics of entities under the control of the TSF.
AGD_OPE.1.5c The operational user guidance shall identify all possible modes of operation of the TOE (including
operation following failure or operational error), their consequences and implications for
maintaining secure operation.