HP A-Series Especificações descarregar pdf (Página 56)

Security Target Version 1.02, 08/16/2013

8.1.1.6 T.UNDETECTED_ACTIONS

Malicious remote users or external IT entities may take actions that adversely affect the security of the

TOE. These actions may remain undetected and thus their effects cannot be effectively mitigated.

This Threat is satisfied by ensuring:

 O.SYSTEM_MONITORING: To reduce the potential of security relevant actions occurring without notice,

the TOE is expected to log security relevant events and export those logs to an external log server.

8.1.1.7 T.USER_DATA_REUSE

User data may be inadvertently sent to a destination not intended by the original sender.

This Threat is satisfied by ensuring:

 O.RESIDUAL_INFORMATION_CLEARING: To reduce the potential of data being erroneously sent to

an unintended recipient, the TOE is expected to ensure residual data is appropriately managed.

8.1.1.8 A.NO_GENERAL_PURPOSE

It is assumed there are no general-purpose computing capabilities (e.g., compilers or user applications)

available on the TOE, other than those services necessary for the operation, administration and support of

the TOE.

This Assumption is satisfied by ensuring:

 OE.NO_GENERAL_PURPOSE: There are no general-purpose computing capabilities (e.g., compilers or

user applications) available on the TOE, other than those services necessary for the operation,

administration and support of the TOE.

8.1.1.9 A.PHYSICAL

Physical security, commensurate with the value of the TOE and the data it contains, is assumed to be

provided by the environment.

This Assumption is satisfied by ensuring:

 OE.PHYSICAL: Physical security, commensurate with the value of the TOE and the data it contains, is

provided by the environment.

8.1.1.10 A.TRUSTED_ADMIN

TOE Administrators are trusted to follow and apply all administrator guidance in a trusted manner.

This Assumption is satisfied by ensuring:

 OE.TRUSTED_ADMIN: TOE Administrators are trusted to follow and apply all administrator guidance in

a trusted manner.

8.2 Security Requirements Rationale

This section provides evidence supporting the internal consistency and completeness of the components

(requirements) in the Security Target. Table 12 indicates the requirements effectively satisfy the individual

objectives.

8.2.1 Security Functional Requirements Rationale

All Security Functional Requirements (SFR) identified in this Security Target are fully addressed in this section and

each SFR is mapped to the objective for which it is intended to satisfy. The NDPP does not explicitly or clearly

correspond or rationalize correspondence between its Security Problem Definition and Security Objectives, so the

mapping had to be inferred and correspondence rationale has been devised to complete this ST appropriately.

1 2 ... 51 52 53 54 55 56 57 58 59 60 61 ... 65 66

Sem comentários

HP A-Series Especificações Página 56