IBM 10 SP1 EAL4 Manuale Utente
The Common Criteria for Information Technology Security Evaluation [CC] and the Common Methodology
for Information Technology Security Evaluation [CEM] demand breaking the TOE into logical subsystems
that can be either (a) products, or (b) logical functions performed by the system.
The approach in this section is to break the system into structural hardware and software subsystems that
include, for example, pieces of hardware such as planars and adapters, or collections of one or more software
processes such as the base kernel and kernel modules. Chapter 4 explains the structure of the system in terms
of these architectural subsystems. Although the hardware is also described in this document, the reader should
be aware that while the hardware itself is part of the TOE environment, it is not part of the TOE.
The following subsections present a structural overview of the hardware and software that make up an
individual eServer host computer. This single-computer architecture is one of the configurations permitted
under this evaluation.
for Information Technology Security Evaluation [CEM] demand breaking the TOE into logical subsystems
that can be either (a) products, or (b) logical functions performed by the system.
The approach in this section is to break the system into structural hardware and software subsystems that
include, for example, pieces of hardware such as planars and adapters, or collections of one or more software
processes such as the base kernel and kernel modules. Chapter 4 explains the structure of the system in terms
of these architectural subsystems. Although the hardware is also described in this document, the reader should
be aware that while the hardware itself is part of the TOE environment, it is not part of the TOE.
The following subsections present a structural overview of the hardware and software that make up an
individual eServer host computer. This single-computer architecture is one of the configurations permitted
under this evaluation.
2.2.1 eServer host computer structure
This section describes the structure of SLES for an individual eServer host computer. As shown in Figure 2-2,
the system consists of eServer hardware, the SLES kernel, trusted non-kernel processes, TSF databases, and
untrusted processes. In this figure, the TOE itself consists of Kernel Mode software, User Mode software,
and hardware. The TOE Security Functions (TSF) are shaded in gray. Details such as interactions within the
kernel, inter-process communications, and direct user access to the hardware are omitted.
the system consists of eServer hardware, the SLES kernel, trusted non-kernel processes, TSF databases, and
untrusted processes. In this figure, the TOE itself consists of Kernel Mode software, User Mode software,
and hardware. The TOE Security Functions (TSF) are shaded in gray. Details such as interactions within the
kernel, inter-process communications, and direct user access to the hardware are omitted.
The planar components, including CPUs, memory, buses, on board adapters, and support circuitry; additional
adapters, including LAN and video; and, other peripherals, including storage devices, monitors, keyboards,
and front-panel hardware, constitute the hardware.
adapters, including LAN and video; and, other peripherals, including storage devices, monitors, keyboards,
and front-panel hardware, constitute the hardware.
4
Figure 2-2: Overall structure of the TOE