
Cisco Intrusion Prevention System Security Target
5.2.5 Security management (FMT)
5.2.5.1 FMT_MTD.1 Management of TSF Data (for general TSF data)
FMT_MTD.1.1 The TSF shall restrict the ability to manage the TSF data to the Security
Administrators.
5.2.5.2 FMT_SMF.1 Specification of Management Functions
FMT_SMF.1.1 Refinement: The TSF shall be capable of performing the following
management functions:
• Ability to administer the TOE locally and remotely;
• Ability to update the TOE, and to verify the updates using published hash capability prior
  to installing those updates;
• [Ability to configure the list of TOE-provided services available before an entity is
  identified and authenticated, as specified in FIA_UIA_EXT.1;
• Ability to configure the cryptographic functionality]
5.2.5.3 FMT_SMR.2 Restrictions on Security Roles
FMT_SMR.2.1 The TSF shall maintain the roles:
• Authorized Administrator.
FMT_SMR.2.2 The TSF shall be able to associate users with roles.
FMT_SMR.2.3 The TSF shall ensure that the conditions
• Authorized Administrator role shall be able to administer the TOE locally;
• Authorized Administrator role shall be able to administer the TOE remotely;
are satisfied.
5.2.6 Protection of the TSF (FPT)
5.2.6.1 FPT_SKP_EXT.1 Extended: Protection of TSF Data (for reading of all symmetric keys)
FPT_SKP_EXT.1.1 The TSF shall prevent reading of all pre-shared keys, symmetric keys, and
private keys.
5.2.6.2 FPT_APW_EXT.1 Extended: Protection of Administrator Passwords
FPT_APW_EXT.1.1 The TSF shall store passwords in non-plaintext form.
FPT_APW_EXT.1.2 The TSF shall prevent the reading of plaintext passwords.
5.2.6.3 FPT_STM.1 Reliable time stamps
FPT_STM.1.1 The TSF shall be able to provide reliable time stamps for its own use.