beautypg.com

Class fmt: security management – Nortel Networks Nortel Network VPN Router and Client Workstation 7.05 User Manual

Page 33

background image

Security Target, Version 3.9

March 18, 2008

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 33 of 67

© 2008 Nortel Networks

5.1.5 Class FMT: Security Management

FMT_MOF.1(a) Management of security functions behaviour

Hierarchical to: No other components.

FMT_MOF.1.1(a)

The TSF shall restrict the ability to [modify the behaviour of] the functions [creation and rights assignment
of Restricted Admins
] to [Primary Admin].

Dependencies: FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MOF.1(b) Management of security functions behaviour

Hierarchical to: No other components.

FMT_MOF.1.1(b)

The TSF shall restrict the ability to [determine the behaviour of] the functions [all administrator functions
allowed by Primary Admin
] to [Restricted Admins].

Dependencies: FMT_SMF.1 Specification of management functions

FMT_SMR.1 Security roles

FMT_MSA.1(a) Management of security attributes

Hierarchical to: No other components.

FMT_MSA.1.1(a)

The TSF shall enforce the [Access Control SFP] to restrict the ability to [modify] the security attributes
[which includes all internal attributes available to the administrators] to [Primary Admin, Restricted
Admins
].

Dependencies: [FDP_ACC.1 Subset access control or

FDP_IFC.1 Subset information flow control]
FMT_SMF.1 Specification of management functions
FMT_SMR.1 Security roles

FMT_MSA.1(b) Management of security attributes

Hierarchical to: No other components.

FMT_MSA.1.1(b)

The TSF shall enforce the [Firewall Information Control SFP] to restrict the ability to [modify] the security
attributes [which includes all internal attributes available to the administrators] to [Primary Admin,
Restricted Admins
].

This manual is related to the following products: