Cisco Cisco IOS Software Release 12.4(23)
8. Rationale
Document Organization
34
Security Target For Cisco IOS IPSec
8.2 Security Requirements Rationale
The purpose of this section is to show that the identified security requirements (See section
) are suitable to meet the security objectives (See section
). The
following tables show that each security requirement (and SFRs in particular) is necessary; that is, the
tables show that each security objective is addressed by at least one security requirement, and that each
security requirement is addressed by at least one security objective.
tables show that each security objective is addressed by at least one security requirement, and that each
security requirement is addressed by at least one security objective.
Table 17
Sufficiency of Security Objectives (3)
Assumption Objectives
A.PHYSEC
TOE will be kept in a physically secure
environment.
TOE will be kept in a physically secure
environment.
The objective (OE.Secure-Management) upholds the
assumption as:
assumption as:
•
The TOE will be maintained in a location, which is
physically secure.
physically secure.
A.NOEVIL
Administrators assumed to be
non-hostile and trusted to perform their
duties correctly.
Administrators assumed to be
non-hostile and trusted to perform their
duties correctly.
The objective (OE.Secure-Management) upholds the
assumption as:
assumption as:
•
Those responsible for the operation of the TOE must
ensure that management and configuration of the
security functions of the TOE are undertaken by trusted
staff trained in the secure operation of the TOE.
ensure that management and configuration of the
security functions of the TOE are undertaken by trusted
staff trained in the secure operation of the TOE.
A.TRAINING
Administrators of the TOE have
received training.
Administrators of the TOE have
received training.
The objective (OE.Secure-Management) upholds the
assumption as:
assumption as:
•
Management and configuration of the security
functions of the TOE are undertaken by trusted staff
trained in the secure operation of the TOE.
functions of the TOE are undertaken by trusted staff
trained in the secure operation of the TOE.
A.TRUSTED-CA
Digital Certificates are issued from an
evaluated/trusted Certificate Authority.
Digital Certificates are issued from an
evaluated/trusted Certificate Authority.
The objective (OE.Secure-Management) upholds the
assumption as:
assumption as:
•
Management and configuration of the security
functions of the TOE are implemented in conjunction
with an evaluated or trusted Certificate Authority (CA),
if digital certificates are used for TOE authentication.
functions of the TOE are implemented in conjunction
with an evaluated or trusted Certificate Authority (CA),
if digital certificates are used for TOE authentication.
A.SECURETIMESOURCE
Sources of time are secure.
Sources of time are secure.
The objective (OE.Secure-Management) upholds the
assumption as:
assumption as:
•
Management and configuration of the security
functions of the TOE are configured to interface only
to trusted clock sources
functions of the TOE are configured to interface only
to trusted clock sources