Table of Contents
Advertisement
FPT_TST_CIMC.3 Software/firmware load test
FPT_TST_CIMC.3.1
recommended authentication technique (e.g., an authentication code, keyed hash,
or digital signature algorithm) shall be applied to all security-relevant software and
firmware that can be externally loaded into the CIMC.
FPT_TST_CIMC.3.2
keyed hash, or digital signature whenever the software or firmware is externally
loaded into the CIMC. If verification fails, the IT environment shall [not enable the
TOE].
Rationale : This component is necessary to specify a unique requirement for
certificate issuing and management components that is not addressed by the CC. It
satisfies the security objective O.Integrity protection of user data and software and
O.Periodically check integrity.
Trusted path/channels (FTP)
FTP_TRP.1 Trusted path
FTP_TRP.1.1
The IT environment shall provide a communication path between
itself and [local] users that is logically distinct from other communication paths
and provides assured identification of its end points and protection of the
communicated data from modification or disclosure.
The IT environment shall permit [local users] to initiate
FTP_TRP.1.2
communication via the trusted path.
FTP_TRP.1.3
The IT environment shall require the use of the trusted path for
initial user authentication, [and no other services].
CIMC TOE Access Control Policy
The TOE shall support the administration and enforcement of a CIMC TOE access
control policy that provides the capabilities described below.
Subjects (human users) will be granted access to objects (data/files) based upon
the:
Identity of the subject requesting access,
1.
Role (or roles) the subject is authorized to assume,
2.
Type of access requested,
3.
A cryptographic mechanism using a FIPS-approved or
The IT environment shall verify the authentication code,
Appendix A
Common Criteria Environment: Security Requirements
Security Requirements for the IT Environment
675
Advertisement
Table of Contents
