beautypg.com

Ssurance, Equirements, Able – Nortel Networks Nortel Network VPN Router and Client Workstation 7.05 User Manual

Page 41: Omponents, 3 assurance requirements

background image

Security Target, Version 3.9

March 18, 2008

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 41 of 67

© 2008 Nortel Networks

5.3 Assurance Requirements

This section defines the assurance requirements for the TOE. The assurance requirements are taken from Part 3 of
the CC and are EAL 4 augmented with ALC_FLR.2. Table 6 below summarizes the components.

Table 6 - Assurance Components

Assurance Requirements

Class ACM:
Configuration management

ACM_AUT.1 Partial CM automation

ACM_CAP.4 General support and acceptance procedures

ACM_SCP.2 Problem tracking CM coverage

Class ADO:
Delivery and operation

ADO_DEL.2 Detection of modification

ADO_IGS.1 Installation, generation, and start-up procedures

Class ADV:
Development

ADV_FSP.2 Fully defined external interfaces

ADV_HLD.2 Security-enforcing high-level design

ADV_IMP.1 Subset of the implementation of the TSF

ADV_LLD.1 Descriptive low-level design

ADV_RCR.1 Informal correspondence demonstration

ADV_SPM.1 Informal TOE security policy model

Class AGD:
Guidance documents

AGD_ADM.1 Administrator guidance

AGD_USR.1 User guidance

Class ALC:
Life cycle support

ALC_DVS.1 Development security

ALC_FLR.2 Flaw reporting procedures

ALC_LCD.1 Developer defined Life cycle model

ALC_TAT.1 Well-defined development tools

Class ATE:
Tests

ATE_COV.2 Analysis of coverage

ATE_DPT.1 Testing: high-level design

ATE_FUN.1 Functional testing

ATE_IND.2 Independent testing

– sample

Class AVA:
Vulnerability assessment

AVA_MSU.2 Validation of analysis

AVA_SOF.1 Strength of TOE security function evaluation

AVA_VLA.2 Independent vulnerability analysis

This manual is related to the following products: