IBM z/VM Version 6 Release 4 Security Target


Version: 1.2
Status: Released
Last Update: 2017-11-29
Classification: Public

IBM Corporation

Copyright © 2017 by atsec information security and IBM

Trademarks

The following terms are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both:

● Enterprise Systems Architecture/390
● ESA/390
● IBM
● IBM logo
● HiperSockets
● PR/SM
● Processor Resource/Systems Manager
● RACF
● S/390
● z System
● VM/ESA
● z/Architecture
● z/VM

Other company, product, and service names may be trademarks or service marks of others.

Legal Notice

This document contains information of a confidential nature.

Review and Approval Process: Refer to the inspection process in the z System Software Programming Process.

Required Reviewers

● Brian Hugenbruch

Document Distribution and Change Notification: The document is distributed to the reviewers of this line item. When reissued with changes, the document owner sends a note to the reviewers notifying them of the availability of a new document version.

Revision History

Revision: 1.2
Date: 2017-11-29
Author(s): Brian W. Hugenbruch
Changes to Previous Revision: Released public version

Table of Contents

1 Introduction
  1.1 Security Target Identification
  1.2 TOE Identification
  1.3 TOE Type
  1.4 TOE Overview
  1.5 TOE Description
    1.5.1 Structure and concept of z/VM
      1.5.1.1 Differences from other operating systems
      1.5.1.2 z/VM’s Kernel and non-kernel software
      1.5.1.3 User’s management of virtual machines using the Control Program
      1.5.1.4 Communication between virtual machines and with the Control Program
      1.5.1.5 Single System Image (SSI) Cluster
    1.5.2 Intended Method of Use
      1.5.2.1 Conversational Monitor System (CMS)
    1.5.3 Summary of Security Features
      1.5.3.1 Identification and Authentication
      1.5.3.2 Discretionary Access Control
      1.5.3.3 Mandatory Access Control and Support for Security Labels
      1.5.3.4 Separation of virtual machines
      1.5.3.5 Audit
      1.5.3.6 Object reuse functionality
      1.5.3.7 Security Management
      1.5.3.8 TSF Protection
      1.5.3.9 SSI clustering
    1.5.4 Configurations
      1.5.4.1 Software Components
      1.5.4.2 Software Privileges
      1.5.4.3 Software Configuration
      1.5.4.4 Hardware configurations
2 CC Conformance Claim
3 Security Problem Definition
  3.1 Threat Environment
    3.1.1 Assets
    3.1.2 Threat agents
    3.1.3 Threats countered by the TOE
  3.2 Assumptions
    3.2.1 Environment of use of the TOE
      3.2.1.1 Physical
      3.2.1.2 Personnel
      3.2.1.3 Procedural
      3.2.1.4 Connectivity
  3.3 Organizational Security Policies
4 Security Objectives
  4.1 Objectives for the TOE
  4.2 Objectives for the Operational Environment
  4.3 Security Objectives Rationale
    4.3.1 Security Objectives Coverage
    4.3.2 Security Objectives Sufficiency
5 Extended Components Definition
  5.1 Class FCS: Cryptographic support
    5.1.1 Random number generator (RNG)
      5.1.1.1 FCS_RNG.1 - Random number generation
6 Security Requirements
  6.1 Security Requirements for the Operational Environment
    6.1.1 General security requirements for the abstract machine
      6.1.1.1 Subset access control (FDP_ACC.1(E))
      6.1.1.2 Security-attribute-based access control (FDP_ACF.1(E))
      6.1.1.3 Static attribute initialization (FMT_MSA.3(E))
  6.2 TOE Security Functional Requirements
    6.2.1 z/VM general purpose computing
      6.2.1.1 Audit data generation (FAU_GEN.1)
      6.2.1.2 User identity association (FAU_GEN.2)
      6.2.1.3 Audit review (FAU_SAR.1)
      6.2.1.4 Restricted audit review (FAU_SAR.2)
      6.2.1.5 Selectable audit review (FAU_SAR.3)
      6.2.1.6 Selective audit (FAU_SEL.1)
      6.2.1.7 Protected audit trail storage (FAU_STG.1)
      6.2.1.8 Action in case of possible audit data loss (FAU_STG.3)
      6.2.1.9 Prevention of audit data loss (FAU_STG.4)
      6.2.1.10 Cryptographic key generation (FCS_CKM.1(SYM))
