Chapter7RATIONALE
O.AUDIT_RE-
VIEW
O.MANAGEO.IDAUTHO.MEDIATEO.TOE_AC-
CESS
O.ROUTE
FIA_UAU.5×
FIA_UID.2×
FMT_MOF.1×
FMT_MSA.1××
FMT_MSA.3××
FMT_MTD.1(1)×
FMT_MTD.1(2)×
FMT_MTD.1(3)×
FMT_MTD.1(4)×
FMT_SMF.1×
FMT_SMR.1×
FPT_STM.1×
FTA_SSL.3×
FTA_TSE.1×
FTP_ITC.1(1)××
FTP_ITC.1(2)×
FTP_ITC.1(3)×
ThefollowingtablepresentsamappingoftherationaleofTOESecurityRequirementsto
Objectives.
Table7-4MappingoftherationaleofTOESecurityRequirementstoObjectives.
OBJECTIVESSFRRationale
O.AUDIT_REVIEW
TheTOEwillprovidetheprivilegedadministrators
andauthenticationadministratorsthecapability
toreviewAuditdataandwillrestrictauditreview
toadministratorswhohavebeengrantedexplicit
read-access.TheTOEwillgenerateaudit
recordswhichwillincludethetimethattheevent
occurredandtheidentityoftheadministrator
performingtheevent.
Thisobjectiveismetby:
lFAU_GEN.1andFAU_GEN.2outlinewhat
eventsmustbeauditedandifpossiblean
useridentityisassociated.
lFAU_SAR.1requiresthattheaudittrailcan
beread.
lFAU_STG.1requiresthatunauthorized
deletionofauditrecordsdoesnotoccur,
andthushelpstomaintainaccountabilityfor
actions
lFAU_STG.4requiresthatunauthorised
deletionofauditrecordsdoesnotoccur,
andthushelpstomaintainaccountabilityfor
actions
7-3
SJ-20110815105844-030|2011/08/19(R1.6)ZTECORPORATION
To Next Page
Loading...
