Security Objectives For Both The Toe And The Environment - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual

O. Periodically check integrity
Provide periodic integrity checks on both system and software.
O. Security roles
Maintain security-relevant roles and the association of users with those roles.
O. Validation of security function
Ensure that security-relevant software, hardware, and firmware are correctly functioning
through features and procedures.
O. Trusted Path
Provide a trusted path between the user and the system. Provide a trusted path to
security-relevant (TSF) data in which both end points have assured identities.
1.3 Security Objectives for both the TOE and the
Environment
This section specifies the security objectives that are jointly addressed by the TOE and the
environment.
O. Configuration Management
Implement a configuration management plan. Implement configuration management to
assure identification of system connectivity (software, hardware, and firmware), and
components (software, hardware, and firmware), auditing of configuration data, and
controlling changes to configuration items.
O. Data import/export
Protect data assets when they are being transmitted to and from the TOE, either through
intervening untrusted components or directly to/from human users.
O. Detect modifications of firmware, software, and backup data
Provide integrity protection to detect modifications to firmware, software, and backup data.
O. Individual accountability and audit records
Provide individual accountability for audited events. Record in audit records: date and time
of action and the entity responsible for the action.

1.3 Security Objectives for both the TOE and the Environment

Appendix D Common Criteria Environment: Security Objectives 711