Cisco Cisco IOS Software Release 12.4(23)
5. IT Security Requirements
Document Organization
22
Security Target For Cisco IOS IPSec
The TSF shall authenticate any user's claimed identity according to the [mechanism as defined in the
TOE configuration by the privileged administrator].
TOE configuration by the privileged administrator].
FIA_UAU.5.2
5.1.15 - User identification before any action (FIA_UID.2)
The TSF shall require each user to identify itself before allowing any other TSF-mediated actions on
behalf of that user.
behalf of that user.
FIA_UID.2.1
5.1.16 - Management of security functions behavior (FMT_MOF.1)
The TSF shall restrict the ability to [determine the behavior of, disable, enable, and modify the behavior
of] the functions [that implement the information flow control SFP] to [privileged administrators].
of] the functions [that implement the information flow control SFP] to [privileged administrators].
FMT_MOF.1.1
5.1.17 - Management of security attributes (FMT_MSA.1)
The TSF shall enforce the [information flow control SFP] to restrict the ability to [
a.
query
b.
query, modify and delete]
the security attributes [TSF configuration] to [
a.
administrator
b.
privileged administrator.]
FMT_MSA.1.1
Application Note: the administrator can only query, whereas the privileged administrator can query
modify and delete the TSF configuration.
modify and delete the TSF configuration.
5.1.18 - Secure security attributes (FMT_MSA.2)
The TSF shall ensure that only secure values are accepted for security attributes.
FMT_MSA.2.1
5.1.19 - Static attribute initialization (FMT_MSA.3)
The TSF shall enforce the [information flow control SFP] to provide [restrictive] default values for
security attributes that are used to enforce the SFP.
security attributes that are used to enforce the SFP.
FMT_MSA.3.1
The TSF shall allow the [privileged administrator] to specify alternative initial values to override the
default values when an object or information is created.
default values when an object or information is created.
FMT_MSA.3.2