Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual page 712

1.3 Security Objectives for both the TOE and the Environment
O. Integrity protection of user data and software
Provide appropriate integrity protection for user data and software.
O. Limitation of administrative access
Design administrative functions so that Administrators, Operators, Officers and Auditors do
not automatically have access to user objects, except for necessary exceptions. Control
access to the system by Operators and Administrators who troubleshoot the system and
perform system updates.
O. Maintain user attributes
Maintain a set of security attributes (which may include role membership. access privileges,
etc.) associated with individual users. This is in addition to user identity.
O. Manage behavior of security functions
Provide management functions to configure, operate, and maintain the security
mechanisms.
O. Object and data recovery free from malicious code
Recover to a viable state after malicious code is introduced and damage occurs. That state
must be free from the original malicious code.
O. Procedures for preventing malicious code
Incorporate malicious code prevention procedures and mechanisms.
O. Protect stored audit records
Protect audit records against unauthorized access, modification, or deletion to ensure
accountability of user actions.
O. Protect user and TSF data during internal transfer
Ensure the integrity of user and TSF data transferred internally within the system.
O. Require inspection for downloads
Require inspection of downloads/transfers.
O. Respond to possible loss of stored audit records
Respond to possible loss of audit records when audit trail storage is full or nearly full by
restricting auditable events.
712 Red Hat Certificate System Administrator's Guide • September 2005