Security Target, Version 3.9

March 18, 2008

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 49 of 67

© 2008 Nortel Networks

o Runs when a random number needs to be generated.

Continuous RNG for Entropy Gathering: Verifies that the seed for the FIPS 182-2 PRNG is not failing to a constant value.

o Runs when a seed for the RNG needs to be generated.

Pair-wise Consistency Test for RSA Key Generation: Verifies that a newly generated RSA public/private keypair works properly.

o Runs when an RSA public/private keypair is generated.

Software Load Test: Verifies the authenticity and integrity of new software binaries which are to be installed on the module.

o Runs when a new software image is loaded onto the module.

TOE Security Functional Requirements Satisfied: FPT_AMT.1, FPT_RPL.1, FPT_TST.1.
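
The continuous check described above ("not failing to a constant value"), sketched as an added example that is not Nortel's code and not part of the Security Target: each block from the source is compared with the previous one, the first block is held back for comparison only, and a repeat latches an error state. `BLOCK_LEN`, the `crngt_*` names and the two demo sources are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define BLOCK_LEN 20 /* assumed block size in bytes, not taken from the ST */

typedef int (*block_source)(uint8_t out[BLOCK_LEN]); /* returns 0 on success */

typedef struct {
    block_source src;
    uint8_t prev[BLOCK_LEN]; /* previous block, kept for comparison */
    int primed;              /* 0 until the first block has been stored */
    int failed;              /* latched error state */
} crngt_ctx;

void crngt_init(crngt_ctx *c, block_source src) {
    memset(c, 0, sizeof *c);
    c->src = src;
}

/* Fills out and returns 0, or returns -1 once the test has failed. */
int crngt_next(crngt_ctx *c, uint8_t out[BLOCK_LEN]) {
    uint8_t cur[BLOCK_LEN];
    if (c->failed) return -1;
    if (!c->primed) { /* the first block is stored, never released */
        if (c->src(c->prev) != 0) { c->failed = 1; return -1; }
        c->primed = 1;
    }
    if (c->src(cur) != 0 || memcmp(cur, c->prev, BLOCK_LEN) == 0) {
        c->failed = 1; /* source error or repeated block: stop output */
        return -1;
    }
    memcpy(c->prev, cur, BLOCK_LEN);
    memcpy(out, cur, BLOCK_LEN);
    return 0;
}

/* Constructed sources for demonstration only; neither is a real RNG. */
static uint8_t demo_counter;
int demo_changing_source(uint8_t out[BLOCK_LEN]) {
    memset(out, 0, BLOCK_LEN);
    out[0] = demo_counter++;
    return 0;
}
int demo_stuck_source(uint8_t out[BLOCK_LEN]) {
    memset(out, 0xA5, BLOCK_LEN);
    return 0;
}
```

Once `failed` is set, every later call returns -1 until `crngt_init` is called again, so a stuck source cannot feed a seed or key into the module.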

6.1.7 Trusted Path/Channels

Connections from the Nortel VPN Client to the Nortel VPN Router are initiated by the VPN users. IPSec is required
to ensure that the communication takes place over a trusted path. Because of this, trusted path connections between
components of the TOE are logically distinct and secure.

TOE Security Functional Requirements Satisfied: FTP_TRP.1.

6.2 TOE Security Assurance Measures

EAL 4 augmented with ALC_FLR.2 was chosen to provide a basic level of independently assured security. This
section of the ST maps the assurance requirements of the TOE for a CC EAL 4+ (augmented with ALC_FLR.2)
level of assurance to the assurance measures used for the development and maintenance of the TOE. The following
table provides a mapping of the appropriate documentation to the TOE assurance requirements.

Table 10 - Assurance Measures Mapping to TOE Security Assurance Requirements (SARs)

Assurance Component    Assurance Measure
ACM_AUT.1              Nortel Networks Virtual Private Network Router v7.05 Configuration Management
ACM_CAP.4              Nortel Networks Virtual Private Network Router v7.05 Configuration Management
ACM_SCP.2              Nortel Networks Virtual Private Network Router v7.05 Configuration Management
ADO_DEL.2              Nortel Networks Virtual Private Network Router v7.05 Secure Delivery
ADO_IGS.1              Nortel Virtual Private Network Router v7.05 Installation Guidance
ADV_FSP.2              Nortel Networks Virtual Private Network Router v7.05 Functional Specification
ADV_HLD.2              Nortel Networks Virtual Private Network Router v7.05 TOE Architecture: High Level Design, Low Level Design, and Representation Correspondence
ADV_IMP.1              Nortel Networks Virtual Private Network Router v7.05 - Implementation Representation
ADV_LLD.1              Nortel Networks Virtual Private Network Router v7.05 TOE Architecture: High Level Design, Low Level Design, and Representation Correspondence
ADV_RCR.1              Nortel Networks Virtual Private Network Router v7.05 TOE Architecture: High Level Design, Low Level Design, and Representation Correspondence
ADV_SPM.1              Nortel Networks Virtual Private Network Router v7.05 Informal Security Policy Model
AGD_ADM.1              Nortel Networks Virtual Private Network Router v7.05 Supplement Guide
AGD_USR.1              Nortel Networks Virtual Private Network Router v7.05 Supplement Guide
