Chapter7
RATIONALE
TableofContents
RATIONALEFORSECURITYOBJECTIVES.............................................................7-1
SECURITYREQUIREMENTSRATIONALE...............................................................7-2
7.1RATIONALEFORSECURITYOBJECTIVES
7.1.1RationaleforSecurityObjectivesfortheTOE
ThissectionprovidesamappingofTOEsecurityobjectivestothosethreats/OSPthatthe
TOEisintendedtocounter.SincetheSecurityObjectivesfortheTOEwerederiveddirectly
fromthethreats/OSPthereisaonetoonemappingbetweenthem.Itisalsoclearsince
theSecurityObjectivesfortheTOEaresimplyarestatementoftheapplicablethreat/OSP ,
thateachobjectiveissuitabletomeetitscorrespondingthreat/OSP .
Table7-1MappingofSecurityObjectivestoThreats/OSP
O.AU-
DIT_RE-
VIEW
OE.AU-
DIT_RE-
VIEW
O.MANAGEO.IDAUTHO.MEDIATEO.TOE_AC-
CESS
O.ROUTE
T.AUDIT_RE-
VIEW
××
T.NO_PRIVI-
LEGE
×
T.MEDIATE×
T.NO_AUTH
_SESSION
×
T.NO_AUTH-
_ACCESS
×
P .ROUTE×
7.1.2RationaleforSecurityObjectivesfortheEnvironment
Thissectionprovidesamappingofenvironmentsecurityobjectivestothoseassumptions
thatmustbemet.SincetheSecurityObjectivesfortheOperationalenvironmentwere
deriveddirectlyfromtheAssumptionsthereisaonetoonemappingbetweenthem.It
7-1
SJ-20110815105844-030|2011/08/19(R1.6)ZTECORPORATION
To Next Page
Loading...
