Cisco Cisco IOS Software Release 12.4(23)
8. Rationale
Document Organization
42
Security Target For Cisco IOS IPSec
8.2.2 Suitability of TOE Security Functions to Meet Security Requirements
•
The requirement to restrict the ability to
query, modify, delete and clear the TSF
configuration to privileged administrators is
provided by FMT_MTD.1;
query, modify, delete and clear the TSF
configuration to privileged administrators is
provided by FMT_MTD.1;
•
The requirement for reliable time-stamps is
satisfied by FPT_STM.1;
satisfied by FPT_STM.1;
•
The requirement for the self-testing of the
abstract machine upon which the security
functions rely is satisfied by FPT_AMT.1.;
abstract machine upon which the security
functions rely is satisfied by FPT_AMT.1.;
•
The requirement for self-testing upon startup
to verify the proper operation of the TSF code
is satisfied by FPT_TST.1
to verify the proper operation of the TSF code
is satisfied by FPT_TST.1
1.
FAU_AUD.1 is a bespoke component based on the [CC] Part 2 component FAU_GEN.1.
Table 20
SFR to TSF Cross Reference
TSF
SFR
IPSEC.1
IPSEC.2
IPSEC.3
PACKETFILTER.1
CONFIG.1
CONFIG.2 CONFIG.3
KEYMGT.1
FAU_AUD.1
1
X
FAU_SAR.1
X
FCO_NRO.2
X
FCS_CKM.1(1)
X
FCS_CKM.1(2)
X
FCS_CKM.4
X
FCS_COP.1(1)
X
FCS_COP.1(2)
X
FDP.IFC.1
X
X
FDP.IFF.1
X
X
FDP_UCT.1
X
FDP_UIT.1
X
FIA_UAU.2
X
FIA_UAU.5
X
FIA_UID.2
X
FMT_MOF.1
X
FMT_MSA.1
X
FMT_MSA.2
X
X
FMT_MSA.3
X
Table 19
SFR Sufficiency (continued)
Objectives
Requirements