Security Target (Against BSI PP)

Security Target (Against BSI PP)

Huawei EulerOS Version 2.0 Common Criteria Evaluation Security Target (Against BSI PP) Version 0.13 Status Released Last update 2019-04-13 Classification Public HUAWEI TECHNOLOGIES CO., LTD. 1 / 112 Copyright © Huawei Technologies Co., Ltd. 2015. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: http://e.huawei.com 2 / 112 About This Document Purpose This document provides description about ST (Security Target) against BSI PP. Change History Changes between document issues are cumulative. The latest document issue contains all the changes made in earlier issues. Revisio n Section Date Change Description Author Versio Number n 2017.06. 0.1 All Initial Draft 06 2017.08. 0.2 All Add extended package 02 (AM), FCS_COP.1(DP,IV), RNG(SSL-DFLT, DM-INIT, DM-RUN, NSS, IV); Supported algorithms sorted; Change ‘trusted boot’ to ‘secure boot’; 2017.09. 0.3 All Changed based on 29 internal review results; SSSD removed; Assignment/selection added; 2018.01. 0.4 All ‘A.PROTECT.INTEGRITY’ 10 replaced with ‘A.PROTECT.NMENV’ according to [OSPP-TB]; security features in logical boundaries re- ordered; section “Runtime Protection Mechanisms” removed from TSS and logical boundaries ; Format of Table 18 changed; 3 / 112 ‘O.CRYPTO.USERDATA’ renamed to ‘O.CP.USERDATA’, and ‘FCS_COP.1(DP)’ renamed to ‘FCS_COP.1(CP)’; 2018.03. 0.5 FMT_MTD.1(IV- No user can query or 23 ACT) change the action on integrity violation, and an application note is added; “Non-TOE More supported server Hardware, models are added. Software, Firmware supported” All Review info removed. 2018.04. 0.6 FCS_CKM.1(DS DSA usage in OpenSSH is 20 A) moved outside of the scope of this ST; All Typographical convention is added in section “Security requirements”; Changes according to EE’s feedback. 2018.05. 0.7 FMT_MTD.1(AE) Format some text as AMR 21 suggested; FMT_MTD.1(AM “selection: delete, -MR) clear” is changed to “selection: delete” as AMR suggested. FMT_MSA.1(TS CAP_FOWNER is changed O) to CAP_SYS_ADMIN FIA_ATD.1(HU) The example about soft token is removed from application note. MT_MTD.1(NI) CAP_NET_RAW is added for iptables. FMT_MTD.1(IAU ‘general information’ is ) used instead of ‘authentication data’, and an explanation is also added in the application note. 2018.07. 0.8 FMT_MTD.1(AE) The ability to 23 query/modify audit rules is given to only ROOT user. (uid is checked in source code) “Security Policy ‘named objects’ are Model” in classified into two types: chapter user mode objects, kernel 4 / 112 ‘Security Target mode objects; Introduction’ FDP_ACC.1(PSO An application note is ) Subset access added, stating WRITE not control supported for some file systems (e.g. ISO9660). 2018.08. 0.9 Section ‘Non- “(with TPM chip 21 TOE Hardware, embedded)” removed. Software, Firmware supported’ FCS_CKM.1(DS ‘L=2048, N=224’ A) removed. FAU_STG.4 Option ‘notify the root user’ removed. FMT_MSA.3(TS Add NOTE in the O) ‘application note’: umask does not impact System V IPCs. FDP_IFF.1.3 ‘Statistical analysis matching’ removed; FDP_ACC.1(PSO Application note added )and for vfat, as it is persistent FDP_ACF.1(PSO file system but not POSIX ) compliant. 2018.09. 0.10 FAU_STG.4.1 Option ‘a)Stop all 12 processes that attempt to generate an audit record;’ is removed. 7.1.3 Description of ‘Audit log overflow protection’ is changed accordingly. 2018.12. 0.11 FCS_COP.1(NET TLS algorithms recovered 03 ) based on the test result 2019.01. 0.12 Non-TOE New Taishan models are 02 Hardware, added. Software, Firmware supported 2019.04. 0.13 Section 1.3.2.1; Modified according to 13 Section 2; feedback from CB: Section 1.3.2.1 (for general hardware platform) removed; PP/ExtPackage URL added at the end of Section 2; 5 / 112 Contents About This Document......................................................................................................................3 Index of Tables............................................................................................................................. 9 1 Security Target Introduction............................................................................................ 10 1.1 Security Target Reference......................................................................................... 10 1.2 TOE Reference.............................................................................................................. 10 1.3 TOE Overview................................................................................................................10 1.4 TOE Description............................................................................................................ 12 2 Conformance Claims...........................................................................................................19 3 Security Problem Definition..............................................................................................20 3.1 Threats........................................................................................................................... 20 3.1.1 Assets............................................................................................................................. 20 3.1.2 Threat Agents............................................................................................................... 20 3.1.3 Threats countered by the TOE...................................................................................20 3.1.4 Threats to be countered by the TOE environment................................................22 3.2 Organizational Security Policies............................................................................... 22 3.3 Assumptions..................................................................................................................22 3.3.1 Physical aspects........................................................................................................... 22 3.3.2 Personnel aspects........................................................................................................22 3.3.3 Procedural aspects...................................................................................................... 23 3.3.4 Connectivity aspects................................................................................................... 23 4 Security Objectives.............................................................................................................25 4.1 Security Objectives for the TOE................................................................................ 25 4.2 Security Objectives for the Operational Environment..........................................26 4.3 Rationale for Security Objectives............................................................................. 28 4.3.1 Security Objectives coverage.................................................................................... 28 4.3.2 Security Objectives sufficiency................................................................................. 29 5 Extended Components Definition....................................................................................37 5.1 FCS_RNG Generation of random numbers...............................................................37 5.2 FDP_RIP.3 Full residual information protection of resources............................. 38 5.3 FIA_USB.2 Enhanced user-subject binding............................................................. 39 5.4 FPT_TIM TSF integrity monitoring............................................................................ 40 6 Security Requirements...................................................................................................... 42 6.1 Security Functional Requirements........................................................................... 42 6.1.1 FAU_GEN.1 Audit data generation............................................................................ 42 6.1.2 FAU_GEN.2 User identity association.......................................................................43 6.1.3 FAU_SAR.1 Audit review............................................................................................. 43 6.1.4 FAU_SAR.2 Restricted audit review.........................................................................43 6.1.5 FAU_SEL.1 Selective audit.........................................................................................43

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    112 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us