Comodo Korugan UTM Security Target Lite
Total Page:16
File Type:pdf, Size:1020Kb
Comodo Yazılım A.Ş. Tasnif Dışı/Unclassified Comodo Korugan UTM Security Target Lite Comodo Yazılım A.Ş. Comodo Korugan UTM 1.10 Security Target Lite COMODO YAZILIM A.Ş. The copyright and design right in this document are vested in Comodo Yazılım A.Ş. and the document is supplied to you for a limited purpose and only in connection with this project. No information as to the contents or the subject matter of this document or any part thereof shall be communicated in any manner to any third party without the prior consent in writing of Comodo Yazılım A.Ş. Copyright © Comodo Yazılım A.Ş., 2014-2017 Comodo Yazılım A.Ş. 1 / 48 Author: Onur Özardıç Comodo Yazılım A.Ş. Tasnif Dışı/Unclassified Comodo Korugan UTM Security Target Lite List of Tables Table 1 ST and TOE References ........................................................................................ 6 Table 2 Functional features of TOE ..................................................................................... 8 Table 3 Major Security Features of TOE ............................................................................. 8 Table 4 Assets using TOE resources .................................................................................15 Table 5 Threats addressed by TOE only ............................................................................16 Table 6 Threats met by TOE and TOE Security Environment ............................................16 Table 7 Threats Addressed by TOE Security Environment .................................................16 Table 8 Organizational Security Policies for TOE Environment ..........................................17 Table 9 Operational Environment Assumptions for TOE ....................................................17 Table 10 Environmental Security Objectives for TOE .........................................................18 Table 11 Operational Environment Security Objectives ......................................................20 Table 12 Security Objectives – Assumptions – Threats – Policies Matrix for TOE ..............21 Table 13 TOE Security Functional Requirements ...............................................................26 Table 14 Auditable Events by TOE ....................................................................................27 Table 15 Entities covered by ACCESS CONTROL SFP.....................................................30 Table 16 Subjects and objects controlled and relevant security attributes ..........................31 Table 17 TOE Security Assurance Levels .........................................................................39 Table 18 Rationale for TOE Security Functional Requirements ..........................................40 Table 19 Security Functional Requirements Dependencies ...............................................43 Table 20 TOE Security Functions .......................................................................................48 . Comodo Yazılım A.Ş. 2 / 48 Author: Onur Özardıç Comodo Yazılım A.Ş. Tasnif Dışı/Unclassified Comodo Korugan UTM Security Target Lite List of Figures Figure 1: Physical and Logical scope of the TOE ...............................................................10 Comodo Yazılım A.Ş. 3 / 48 Author: Onur Özardıç Comodo Yazılım A.Ş. Tasnif Dışı/Unclassified Comodo Korugan UTM Security Target Lite Table of Contents 1. SECURITY TARGET INTRODUCTION ................................................................................... 6 1.1 ST Reference and TOE Reference ................................................................................... 6 1.2 Document Conventions, Terminology & Acronyms ........................................................... 6 1.2.1 Conventions ............................................................................................................... 6 1.2.2 Terminology ............................................................................................................... 6 1.2.3 Acronyms ................................................................................................................... 6 1.3 TOE Overview .................................................................................................................. 7 1.3.1 General overview of the TOE and related components .............................................. 7 1.3.2 Required non-TOE hardware/software/firmware ........................................................ 7 1.3.2.1 Software environment of TOE ............................................................................. 7 1.3.2.2 Hardware Environment of TOE ........................................................................... 7 1.3.3 Major security and functional features ........................................................................ 8 1.3.3.1 TOE functional features ...................................................................................... 8 1.3.3.2 TOE major security features ............................................................................... 8 1.3.4 TOE Type .................................................................................................................. 9 1.3.5 TOE Description......................................................................................................... 9 1.3.5.1 Physical Scope ................................................................................................... 9 1.3.5.2 Logical Scope ................................................................................................... 10 1.3.5.3 Components Out of TOE Scope: ....................................................................... 11 2. CONFORMANCE CLAIM ...................................................................................................... 13 2.1 CC Conformance Claim .................................................................................................. 13 2.2 PP and Package Claim ................................................................................................... 13 2.2.1 Protection Profile (PP) Claim ................................................................................... 13 2.2.2 Package Claim ......................................................................................................... 13 2.3 Conformance Claim Rationale ........................................................................................ 13 3. SECURITY PROBLEM DEFINITION ..................................................................................... 15 3.1 Assets ............................................................................................................................. 15 3.2 External Entities .............................................................................................................. 15 3.3 Threats ........................................................................................................................... 15 3.3.1 Threats addressed by the TOE ................................................................................ 16 3.3.2 Threats met by the TOE and TOE Security Environment ......................................... 16 3.3.3 Threat to be addressed by TOE Security Environment ............................................ 16 3.4 Organizational Security Policies (OSP) ........................................................................... 16 3.5 Assumptions ................................................................................................................... 17 4. SECURITY OBJECTIVES ...................................................................................................... 18 4.1 Security Objectives for the TOE ...................................................................................... 18 4.2 Security Objectives for the Operational Environment ...................................................... 18 Comodo Yazılım A.Ş. 4 / 48 Author: Onur Özardıç Comodo Yazılım A.Ş. Tasnif Dışı/Unclassified Comodo Korugan UTM Security Target Lite 4.3 Security Objective Rationale ........................................................................................... 20 5 EXTENDED COMPONENT DEFINITION ............................................................................... 25 6 SECURITY REQUIREMENTS................................................................................................ 26 6.1 Security Functional Requirements for the TOE ............................................................... 26 6.1.1 Overview .................................................................................................................. 26 6.1.2. Security Function Requirements .............................................................................. 26 6.1.2.1 FAU_GEN.1 Audit data generation * ................................................................. 26 6.1.2.2 FAU_SAR.1 Audit review .................................................................................. 27 6.1.2.3 FAU_SAR.2 Restricted audit review ................................................................. 28 6.1.2.4 FAU_SAR.3 Selectable audit review ................................................................. 28 6.1.2.5 FDP_ACC.1 Subset access control .................................................................. 28 6.1.2.6 FDP_ACF.1 Subset Access Control .................................................................. 30 6.1.2.7 FDP_IFC.1 Subset Information Flow Control .................................................... 32 6.1.2.8 FDP_IFF.1