Cisco Cisco IOS Software Release 12.4(23)
Security Target For Cisco IOS IPSec
3. TOE Security Environment
To clarify the nature of the security problem that the TOE is intended to solve, this section describes the following:
• Any assumptions about the security aspects of the environment and of the manner for which the TOE is intended.
• Any known or assumed threats to the assets against which specific protection within the TOE or its environment is required.
• Any organizational security policy statements or rules with which the TOE must comply.
3.1 Secure Usage Assumptions
Table 6 lists assumptions that are made in relation to the operation of the TOE.
Table 6 Secure Usage Assumptions

| Name | Description |
|------|-------------|
| A.NoEvil | As the security functions of the TOE can be compromised by an authorized administrator, administrators are assumed to be non-hostile and trusted to perform their duties correctly. |
| A.PhySec | As the security functions of the TOE can be compromised by an attacker with physical access to the internetworking device containing the TOE, it is assumed that the internetworking device containing the TOE is located in a physically secure environment. |
| A.Training | As the security functions of the TOE can be compromised due to errors or omissions in the administration of the security features of the TOE, it is assumed that administrators of the TOE have been trained to enable them to securely configure the TOE. |
| A.Trusted-CA | When configured to use digital certificates, security functions of the TOE can be compromised if the Certificate Authority (CA) that issued the certificates is not operated in a trusted manner. Thus, it is assumed that the issuing CA is trusted or evaluated to at least the same level as the TOE when the TOE is configured to use digital certificates. |
| A.SecureTimeSource | Clock sources external to the scope of the TOE should be placed in a secure location and configured accurately to provide a trusted clock source for the TOE’s internal clock. This includes hardware clocks within the TOE casing or Network Time Protocol (NTP) servers located on a trusted network. |