Belkin® Secure DVI KVM Switch, Secure KM Switch and
Secure Windowing KVM EAL 4 augmented ALC_FLR.3 Security Target
T.PERIP
A USER may connect to
the TOE a qualified
PERIPHERAL DEVICE that
has a security
vulnerability which
allows the transfer of
USER or NETWORK
information through the
coupled TOE, thereby
violating the
confidentiality of
information.
T.TRANSFER
A CONNECTION, via the
TOE, between
COMPUTERS may allow
information transfer.
selection methods are used by most
(if not all) current market products.
Automatic switching based on
scanning shall not be used as a
selection mechanism.
O.ROM
TOE software/firmware shall be
protected against unauthorized
modification. Embedded software
must be contained in mask‐
programmed
or
programmable read‐only memory
or fuse protected flash permanently
attached (non‐socketed) to a circuit
assembly.
O.UNIDIR
The TOE circuitry shall assure that
USER KEYBOARD, USER POINTING
DEVICE and EDID data will flow only
from PERIPHERAL DEVICES to the
SWITCHED COUPLED COMPUTER.
O.CONF
The TOE shall not violate the
confidentiality
of
which it processes. Information
generated within any PERIPHERAL
GROUPCOMPUTER
shall not be accessible by any other
PERIPHERAL
GROUP‐COMPUTER
CONNECTION.
O.ROM
This Objective assures that TOE
software/firmware
protected against unauthorized
modification by ensuring that
one‐time‐
embedded software is contained
in read‐only memory. This
ensures that any ROM used in
the TSF to hold embedded TSF
data may not be re‐programmed.
O.UNIDIR
This objective will ensure that
console
POINTING DEVICE data will only
flow through the TOE in one
direction
DEVICES to the SWITCHED
COUPLED COMPUTER, thereby
preventing data transfer from
connected
NETWORKS
devices.
O.CONF
If the PERIPHERALS can be
information,
CONNECTED to more than one
COMPUTER at any given instant,
then a channel may exist which
CONNECTION
would
information from one to the
other.
important for DEVICES with bi‐
directional
channels such as KEYBOARD and
POINTING DEVICES. Since many
PERIPHERALS
Rev. 1.01
will
be
KEYBOARD
and
from
PERIPHERAL
COMPUTERS
or
to
peripheral
allow
transfer
of
This
is
particularly
communications
now
have
Page | 34