1.2.2 IT security objectives for the environment
O. Cryptographic functions
The TOE must implement approved cryptographic algorithms for
encryption/decryption, authentication, and signature generation/verification;
use approved key generation techniques; and use validated cryptographic modules.
(Validated is defined as FIPS 140-1 validated.)
O. Operating System
The operating system used is validated to provide adequate security, including
domain separation and nonbypassability, in accordance with security
requirements recommended by the National Institute of Standards and
Technology.
O. Periodically check integrity
Provide periodic integrity checks on both system and software.
O. Security roles
Maintain security-relevant roles and the association of users with those roles.
O. Validation of security function
Ensure that security-relevant software, hardware, and firmware are correctly
functioning through features and procedures.
O. Trusted Path
Provide a trusted path between the user and the system. Provide a trusted path to
security-relevant (TSF) data in which both end points have assured identities.
1.3 Security Objectives for both the TOE and the Environment
This section specifies the security objectives that are jointly addressed by the TOE
and the environment.
Appendix D
Common Criteria Environment: Security Objectives