Tumbleweed Valicert Validation Authority Security Target Version 1.0 04/3/06 Prepared for: Tumbleweed Communications 700 Saginaw Drive Redwood City, CA 94063 Prepared By: Science Applications International Corporation Common Criteria Testing Laboratory 7125 Columbia Gateway Drive, Suite 300 Columbia, MD 21046 Security Target Version 1.0, 04/3/06 1. SECURITY TARGET INTRODUCTION...........................................................................................................4 1.1 SECURITY TARGET, TOE AND CC IDENTIFICATION........................................................................................4 1.2 CONFORMANCE CLAIMS.................................................................................................................................4 1.3 CONVENTIONS ................................................................................................................................................4 2. TOE DESCRIPTION ..........................................................................................................................................6 2.1 TOE ARCHITECTURE......................................................................................................................................6 2.2 PHYSICAL BOUNDARIES ...............................................................................................................................11 2.3 LOGICAL BOUNDARIES.................................................................................................................................11 3. SECURITY ENVIRONMENT.........................................................................................................................12 3.1 SECURE USAGE ASSUMPTIONS .....................................................................................................................12 3.1.1 Personnel Assumptions........................................................................................................................12 3.1.2 Physical Assumptions ..........................................................................................................................13 3.1.3 Connectivity Assumptions....................................................................................................................13 3.2 THREATS ......................................................................................................................................................13 3.2.1 Authorized Users .................................................................................................................................13 3.2.2 System ..................................................................................................................................................13 3.2.3 Cryptography.......................................................................................................................................14 3.2.4 External Attacks...................................................................................................................................14 3.3 ORGANIZATION SECURITY POLICIES ............................................................................................................14 4. SECURITY OBJECTIVES ..............................................................................................................................15 4.1 SECURITY OBJECTIVES FOR THE TOE...........................................................................................................15 4.1.1 Authorized Users .................................................................................................................................15 4.1.2 System ..................................................................................................................................................15 4.1.3 External Attacks...................................................................................................................................15 4.2 SECURITY OBJECTIVES FOR THE ENVIRONMENT...........................................................................................15 4.2.1 Non-IT security objectives for the environment...................................................................................15 4.2.2 IT SECURITY OBJECTIVES FOR THE ENVIRONMENT....................................................................................16 4.3 SECURITY OBJECTIVES FOR BOTH THE TOE AND THE ENVIRONMENT ..........................................................17 5. IT SECURITY REQUIREMENTS..................................................................................................................19 5.1 SECURITY REQUIREMENTS FOR THE IT ENVIRONMENT ................................................................................19 5.1.1 Security Audit (FAU) ...........................................................................................................................19 5.1.2 Cryptographic Support (FCS)..............................................................................................................21 5.1.3 User Data Protection (FDP) ...............................................................................................................21 5.1.4 Identification and Authentication (FIA)...............................................................................................22 5.1.5 Security Management (FMT)...............................................................................................................22 5.1.6 Protection of the TSF (FPT) ................................................................................................................23 5.2 TOE SECURITY FUNCTIONAL REQUIREMENTS .............................................................................................25 5.2.1 Security Audit (FAU) ...........................................................................................................................26 5.2.2 Communication (FCO) ........................................................................................................................28 5.2.3 Cryptographic Support (FCS)..............................................................................................................28 5.2.4 User Data Protection (FDP) ...............................................................................................................28 5.2.5 Identification and Authentication (FIA)...............................................................................................32 5.2.6 Security Management (FMT)...............................................................................................................33 5.2.6 Protection of the TSF (FPT) ................................................................................................................36 5.3 TOE SECURITY ASSURANCE REQUIREMENTS...............................................................................................37 5.3.1 Configuration Management (ACM).....................................................................................................37 5.3.2 Delivery and Operation (ADO) ...........................................................................................................38 5.3.3 Development (ADV).............................................................................................................................38 5.3.4 Guidance Documents (AGD) ...............................................................................................................39 5.3.5 Life Cycle Support (ALC) ....................................................................................................................40 2 Security Target Version 1.0, 04/3/06 5.3.6 Tests (ATE) ..........................................................................................................................................40 5.3.7 Vulnerability Assessment (AVA) ..........................................................................................................41 5.4 STRENGTH OF FUNCTION REQUIREMENTS ....................................................................................................42 5.4.1 Authentication Mechanisms.................................................................................................................42 5.4.2 Cryptographic Modules .......................................................................................................................42 6. TOE SUMMARY SPECIFICATION..............................................................................................................44 6.1 TOE SECURITY FUNCTIONS..........................................................................................................................44 6.1.1 Security Audit.......................................................................................................................................44 6.1.2 Backup and Recovery...........................................................................................................................45 6.1.3 Access Control.....................................................................................................................................46 6.1.4 Identification and Authentication ........................................................................................................46 6.1.5 Remote Data Entry and Export............................................................................................................47 6.1.6 Key Management .................................................................................................................................47