Belkin® Secure DVI KVM Switch, Secure KM Switch and
Secure Windowing KVM EAL 4 augmented ALC_FLR.3 Security Target
4
Security Objectives
This chapter describes the security objectives for the TOE and the Operational Environment.
The security objectives are divided between TOE Security Objectives (for example, security
objectives addressed directly by the TOE) and Security Objectives for the Operating
Environment (for example, security objectives addressed by the IT domain or by non‐technical
or procedural means).
4.1 Security Objectives for the TOE
This section defines the IT security objectives that are to be addressed by the TOE.
Security Objective
O.CONF
O.INDICATE
O.ROM
O.SELECT
O.SWITCH
O.USBDETECT
O.UNIDIR
1
This objective differs slightly from the O.SWITCH objective in the PP. The user authentication device port may be
switched independently of other PERIPHERAL GROUPS.
Definition
The TOE shall not violate the confidentiality of information which it
processes or exposed to. Information generated within any PERIPHERAL
GROUP COMPUTER CONNECTION shall not be accessible by any other
PERIPHERAL GROUP with a different GROUP ID.
The AUTHORIZED USER shall receive an unambiguous indication of
which SWITCHED COMPUTER has been selected.
TOE software/firmware shall be protected against unauthorized
modification. Embedded software must be contained in mask‐
programmed or one‐time‐programmable read‐only memory or fuse
protected flash permanently attached (non‐socketed) to a circuit
assembly.
An explicit action by the AUTHORIZED USER shall be used to select the
COMPUTER to which the shared set of PERIPHERAL DEVICES user inputs
are routed to; Single push button, multiple push buttons, rotary
selection or mouse button methods are used by most current market
products. Automatic switching based on scanning shall not be used as a
selection mechanism.
All DEVICES except for User Authentication Device in a SHARED
PERIPHERAL GROUP shall be CONNECTED to at most one SWITCHED
1
COMPUTER at a time
.
The TOE shall detect any USB connection that is not a pointing device,
keyboard, user authentication device or display and will perform no
interaction with that device after the initial identification.
TOE circuitry shall assure that USER KEYBOARD, USER POINTING DEVICE
Rev. 1.01
Page | 27