Cisco Cisco IOS Software Release 12.4(4)T
4. Security Objectives
Document Organization
19
Version 1.0
4. Security Objectives
The security objectives are a high-level statement of the intended response to the security problem.
These objectives indicate how the security problem, as characterized in the “Security Environment”
section of the ST (see the section “
These objectives indicate how the security problem, as characterized in the “Security Environment”
section of the ST (see the section “
”), is to be addressed.
describes security objectives for the TOE, while
describes objectives for the
environment.
The environmental objective O.IDAUTH(env) is an iteration of the TOE Objective O.IDAUTH, and has
been added in order to allow for remote authentication services to be provided by the environment.
been added in order to allow for remote authentication services to be provided by the environment.
The Security Objectives for the Environment (see section
)
are considered Non-IT.
4.1 Security Objective for the TOE
Table 10
Security Objectives for the TOE
Name
Description
O.IDAUTH
The TOE must uniquely identify and authenticate
the claimed identity of all users, before granting a
user access to TOE functions.
the claimed identity of all users, before granting a
user access to TOE functions.
O.SINUSE
The TOE must prevent the reuse of authentication
data for users attempting to authenticate at the
TOE from a connected network.
data for users attempting to authenticate at the
TOE from a connected network.
O.MEDIAT
The TOE must mediate the flow of all information
between users on an internal network connected
to the TOE and users on an external network
connected to the TOE, and must ensure that
residual information from a previous information
flow is not transmitted in any way.
between users on an internal network connected
to the TOE and users on an external network
connected to the TOE, and must ensure that
residual information from a previous information
flow is not transmitted in any way.
O.SECSTA
Upon initial start-up of the TOE or recovery from
an interruption in TOE service, the TOE must not
compromise its resources or those of any
connected network.
an interruption in TOE service, the TOE must not
compromise its resources or those of any
connected network.
O.ENCRYP
The TOE must protect the confidentiality of its
dialogue with an authorized administrator through
encryption, if the TOE allows administration to
occur remotely from a connected network
dialogue with an authorized administrator through
encryption, if the TOE allows administration to
occur remotely from a connected network
O.SELPRO
The TOE must protect itself against attempts by
unauthorized users to bypass, deactivate, or
tamper with TOE security functions.
unauthorized users to bypass, deactivate, or
tamper with TOE security functions.