HP A-Series Spezifikationen Seite 37
- Seite / 66
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Security Target Version 1.02, 08/16/2013
37
Assurance Activity – Design
Assurance Activity - Guidance
Assurance Activity - Testing
FIA_UAU_EXT.7.1
The evaluator shall perform the following test for
each method of local login allowed:
Test 1: The evaluator shall locally authenticate to the
TOE. While making this attempt, the evaluator shall
verify that at most obscured feedback is provided
while entering the authentication information.
FMT_MTD.1.1
The evaluator shall examine the TSS to
determine that, for each administrative
function identified in the operational
guidance; those that are accessible
through an interface prior to
administrator log-in are identified. For
each of these functions, the evaluator
shall also confirm that the TSS details
how the ability to manipulate the TSF
data through these interfaces is
disallowed for non-administrative users.
The evaluator shall review the operational
guidance to determine each of the TSF-data-
manipulating functions implemented in
response to the requirements of the NDPP is
identified, and configuration information is
provided to ensure only administrators have
access to the functions.
FMT_SMF.1.1
The security management functions for FMT_SMF.1 are distributed throughout the NDPP and are
included as part of the requirements in FMT_MTD, FPT_TST_EXT, and any cryptographic management
functions specified in the reference standards. Compliance to these requirements satisfies compliance
with FMT_SMF.1.
FMT_SMR.2
The evaluator shall review the operational
guidance to ensure it contains instructions for
administering the TOE both locally and
remotely, including any configuration that needs
to be performed on the client for remote
administration.
In the course of performing the testing activities for
the evaluation, the evaluator shall use all supported
interfaces, although it is not necessary to repeat each
test involving an administrative action with each
interface. The evaluator shall ensure, however, each
supported method of administering the TOE that
conforms to the requirements of the NDPP be tested;
for instance, if the TOE can be administered through
a local hardware interface; SSH; and TLS/HTTPS;
then all three methods of administration must be
exercised during the evaluation team’s test activities.
FPT_STM.1.1
The evaluator shall examine the TSS to
ensure that it lists each security function
that makes use of time. The TSS provides
a description of how the time is
maintained and considered reliable in the
context of each of the time related
functions.
The evaluator examines the operational
guidance to ensure it instructs the administrator
how to set the time. If the TOE supports the use
of an NTP server, the operational guidance
instructs how a communication path is
established between the TOE and the NTP
server, and any configuration of the NTP client
on the TOE to support this communication.
Test 1: The evaluator uses the operational guide to set
the time. The evaluator shall then use an available
interface to observe the time was set correctly.
Test2: [conditional] If the TOE supports the use of an
NTP server; the evaluator shall use the operational
guidance to configure the NTP client on the TOE, and
set up a communication path with the NTP server.
The evaluator will observe the NTP server has set the
time to what is expected. If the TOE supports
multiple cryptographic protocols for establishing a
connection with the NTP server, the evaluator shall
perform this test using each supported protocol.
FPT_APW_EXT.1
The evaluator shall examine the TSS to
determine that it details all authentication
data that are subject to this requirement,
and the method used to obscure the
plaintext password data when stored.
The TSS shall also detail passwords are
stored in such a way that they are unable
to be viewed through an interface
designed specifically for that purpose, as
outlined in the application note.
FPT_SKP_EXT.1
The evaluator shall examine the TSS to
determine that it details how any pre-
shared keys, symmetric keys, and private
keys are stored and that they are unable
to be viewed through an interface
designed specifically for that purpose, as
outlined in the application note. If these
values are not stored in plaintext, the
TSS shall describe how they are
protected/obscured.
- Switches Security Target 1
- 1.2 Conformance Claims 5
- 1.3 Conventions 6
- 2. TOE Description 6
- 2.1 TOE Overview 7
- 2.2 TOE Architecture 11
- 2.2.2 Physical Boundaries 12
- 2.2.3 Logical Boundaries 12
- 2.3 TOE Documentation 14
- 3.1 Organizational Policies 15
- 3.2 Threats 15
- 3.3 Assumptions 15
- 4. Security Objectives 17
- 5.1 Extended Requirements 19
- 5.2.1 Security audit (FAU) 20
- 5.2.7 TOE access (FTA) 25
- 5.3.1 Development (ADV) 27
- 5.3.4 Tests (ATE) 28
- 6.1 Security audit 42
- 6.2 Cryptographic support 42
- 6.3 User data protection 48
- 6.5 Security management 49
- 6.6 Protection of the TSF 50
- 6.7 TOE access 51
- 6.8 Trusted path/channels 51
- 8. Rationale 54
Verwandte Produkte und Handbücher für PC / Workstation Barebones HP A-Series
(6 Seiten)© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.040 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern