Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 702

1.3 Security Objectives for both the TOE and the Environment
O. Configuration Management
Implement a configuration management plan. Implement configuration
management to assure identification of system connectivity (software, hardware,
and firmware), and components (software, hardware, and firmware), auditing of
configuration data, and controlling changes to configuration items.
O. Data import/export
Protect data assets when they are being transmitted to and from the TOE, either
through intervening untrusted components or directly to/from human users.
O. Detect modifications of firmware, software, and backup data
Provide integrity protection to detect modifications to firmware, software, and
backup data.
O. Individual accountability and audit records
Provide individual accountability for audited events. Record in audit records: date
and time of action and the entity responsible for the action.
O. Integrity protection of user data and software
Provide appropriate integrity protection for user data and software.
O. Limitation of administrative access
Design administrative functions so that Administrators, Operators, Officers and
Auditors do not automatically have access to user objects, except for necessary
exceptions. Control access to the system by Operators and Administrators who
troubleshoot the system and perform system updates.
O. Maintain user attributes
Maintain a set of security attributes (which may include role membership. access
privileges, etc.) associated with individual users. This is in addition to user
identity.
O. Manage behavior of security functions
Provide management functions to configure, operate, and maintain the security
mechanisms.
702 Netscape Certificate Management System Administrator's Guide • February 2003