CC HUAWEI iMaster NCE V100R019C10 - Security Target Issue 1.9 Date 2020-9-04 HUAWEI TECHNOLOGIES CO., LTD. Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: https://www.huawei.com Email: [email protected] Issue 1.0 (2020-7-22) 版权所有 © 华为技术有限公司 i CC HUAWEI iMaster NCE V100R019C10 - Security Target Issue 1.0 (2020-7-22) 版权所有 © 华为技术有限公司 ii CC HUAWEI iMaster NCE V100R019C10 - Security Target About This Document About This Document Change History Version Date Change Description Author V1.0 2020-1-4 Initial Draft Li Ling, Wang Feng, Rao Lei， Guoxiaoqing V1.1 2020-2-20 Modified according to Rao Lei, Li Ling, Wang Feng review comments V1.2 2020-4-21 Modified according to Rao Lei, Li Ling, Wang Feng ASE Action item list v2.0 V1.3 2020-4-24 Updated physical Rao Lei, Li Ling, Wang Feng scope V1.4 2020-5-20 Modified according to Li Ling , Rao Lei review comments V1.5 2020-7-3 Modified according to Li Ling , Rao Lei review comments V1.6 2020-7-9 Modified according to Li Ling, Rao Lei review comments V1.7 2020-7-22 Modified according to Li Ling review comments V1.8 2020-7-30 Modified according to Rao Lei review comments V1.9 2020-9-04 Update the Description Li Ling of EulerOS version in ‘Table 1-8 Server configuration requirements’ Issue 1.0 (2020-7-22) 版权所有 © 华为技术有限公司 iii CC HUAWEI iMaster NCE V100R019C10 - Security Target About This Document Issue 1.0 (2020-7-22) 版权所有 © 华为技术有限公司 iv CC HUAWEI iMaster NCE V100R019C10 - Security Target Contents Contents About This Document .............................................................................................................. ii 1 Introduction .............................................................................................................................. 1 1.1 ST Reference ...................................................................................................................................................... 1 1.2 TOE Reference ................................................................................................................................................... 1 1.3 TOE Overview ..................................................................................................................................................... 1 1.3.1 TOE Usage and Major Security Features ...................................................................................................... 2 1.3.2 TOE Type.......................................................................................................................................................... 3 1.3.3 Non-TOE Hardware and Software .................................................................................................................. 4 1.4 TOE Description .................................................................................................................................................. 8 1.4.1 TOE Definition Scope ...................................................................................................................................... 8 1.4.1.1 Physical Scope .............................................................................................................................................. 8 1.4.1.2 Logical Scope ...............................................................................................................................................12 2 CC Conformance Claims ..................................................................................................... 14 3 Security Problem Definition ................................................................................................ 16 3.1 Assumptions .......................................................................................................................................................16 3.2 Threats ...............................................................................................................................................................16 3.2.1 Assets and Agents ..........................................................................................................................................16 3.2.2 Threats Addressed by the TOE......................................................................................................................17 3.2.2.1 T.UnauthenticatedAccess ............................................................................................................................17 3.2.2.2 T.UnauthorizedAccess .................................................................................................................................17 3.2.2.3 T.Eavesdrop..................................................................................................................................................17 4 Security Objectives ............................................................................................................... 19 4.1 Security Objectives for the TOE .......................................................................................................................19 4.2 Security Objectives for the Operational Environment .....................................................................................19 4.3 Security Objectives Rationale ...........................................................................................................................20 4.3.1 Coverage .........................................................................................................................................................20 4.3.2 Sufficiency .......................................................................................................................................................21 5 Security Requirements for the TOE................................................................................... 24 5.1 Conventions .......................................................................................................................................................24 5.2 Security Requirements ......................................................................................................................................24 5.2.1 Security Audit (FAU) .......................................................................................................................................24 Issue 1.0 (2020-7-22) 版权所有 © 华为技术有限公司 v CC HUAWEI iMaster NCE V100R019C10 - Security Target Contents 5.2.1.1 FAU_GEN.1 Audit Data Generation ...........................................................................................................24 5.2.1.2 FAU_GEN.2 User Identity Association .......................................................................................................25 5.2.1.3 FAU_SAR.1 Audit Review ...........................................................................................................................25 5.2.1.4 FAU_SAR.2 Restricted Audit Review .........................................................................................................25 5.2.1.5 FAU_SAR.3 Selectable Audit Review ........................................................................................................26 5.2.1.6 FAU_STG.1 Protected Audit Trail Storage .................................................................................................26 5.2.1.7 FAU_STG.3 Action in Case of Possible Audit Data Loss ..........................................................................26 5.2.2 User Data Protection (FDP) ...........................................................................................................................26 5.2.2.1 FDP_ACC.2 Completing Access Control ...................................................................................................26 5.2.2.2 FDP_ACF.1 Security Attribute-Based Access Control...............................................................................26 5.2.2.3 FDP_UIT.1 Data exchange integrity ...........................................................................................................27 5.2.3 Identification and Authentication (FIA) ..........................................................................................................27 5.2.3.1 FIA_UID.2 User Identification Before Any Action