Cisco Cisco IOS Software Release 12.4(23)
8. Rationale
Document Organization
32
Security Target For Cisco IOS IPSec
8. Rationale
8.1 Security Objectives Rationale
The purpose of the rationale is to demonstrate that the identified security objectives are:
•
suitable, they are sufficient to address the security needs;
•
necessary, there are no redundant security objectives.
8.1.1 All Assumptions, Policies, and Threats Addressed
8.1.2 Sufficiency of Security Objectives
, and
list the sufficiency of the Security Objectives outlined in
.
Table 14
Cross Reference Objectives to Threats/Assumptions/Policies
Objective
Policy/Threat/Assumption
O.AUTHENTICITY
O.Confidentiality O.Integrity
O.Key-
Confidentiality
Confidentiality
O.NoReplay
O.Secure-
Operation
Operation
OE.Policy
OE.Secure.
Management
Management
T.Attack
X
X
T.Untrusted-Path
X
X
X
X
X
A.PhySec
X
A.NoEvil
X
A.Training
X
A.Trusted-CA
X
A.SecureTimeSource
X
P.Connectivity
X
X