Ssurance, Equirements, Able – Nortel Networks Nortel Network VPN Router and Client Workstation 7.05 User Manual
Page 41: Omponents, 3 assurance requirements
Security Target, Version 3.9
March 18, 2008
Nortel VPN Router v7.05 and Client Workstation v7.11
Page 41 of 67
© 2008 Nortel Networks
5.3 Assurance Requirements
This section defines the assurance requirements for the TOE. The assurance requirements are taken from Part 3 of
the CC and are EAL 4 augmented with ALC_FLR.2. Table 6 below summarizes the components.
Table 6 - Assurance Components
Assurance Requirements
Class ACM:
Configuration management
ACM_AUT.1 Partial CM automation
ACM_CAP.4 General support and acceptance procedures
ACM_SCP.2 Problem tracking CM coverage
Class ADO:
Delivery and operation
ADO_DEL.2 Detection of modification
ADO_IGS.1 Installation, generation, and start-up procedures
Class ADV:
Development
ADV_FSP.2 Fully defined external interfaces
ADV_HLD.2 Security-enforcing high-level design
ADV_IMP.1 Subset of the implementation of the TSF
ADV_LLD.1 Descriptive low-level design
ADV_RCR.1 Informal correspondence demonstration
ADV_SPM.1 Informal TOE security policy model
Class AGD:
Guidance documents
AGD_ADM.1 Administrator guidance
AGD_USR.1 User guidance
Class ALC:
Life cycle support
ALC_DVS.1 Development security
ALC_FLR.2 Flaw reporting procedures
ALC_LCD.1 Developer defined Life cycle model
ALC_TAT.1 Well-defined development tools
Class ATE:
Tests
ATE_COV.2 Analysis of coverage
ATE_DPT.1 Testing: high-level design
ATE_FUN.1 Functional testing
ATE_IND.2 Independent testing
– sample
Class AVA:
Vulnerability assessment
AVA_MSU.2 Validation of analysis
AVA_SOF.1 Strength of TOE security function evaluation
AVA_VLA.2 Independent vulnerability analysis