The Official Unofficial Zorp project
 
Overview| Examples| Bugs| FAQ | White papers | Download | Help wanted | SourceForge Project page | Filltable utility  
 
 
SourceForge.net: SF.net Project News: Zorp unofficial
  • zorp 2.0.9-6 has been released
  • iptables-utils zorp-unoff version has been released
  • New whitepaper, even more FAQs
  • Zorp whitepapers released, new FAQs
  • New tproxy versions
  • New Zorp version: get the DN
  • The best bughunter
  • Bughunting contest extended
  • Valentine day bughunting contest!
  • Site updates: FAQ, design
    		•
    SourceForge.net: Project File Releases: Zorp unofficial
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:49:58 GMT)
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:40:56 GMT)
  • iptables-utils 1.21-1 released (Mon, 01 Nov 2004 21:19:42 GMT)
  • zorp 2.0.9-1 released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorplibll 2.0.26.24-1 released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorp zorp_2.0.8-1 released (Thu, 11 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-2 released (Wed, 03 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-1 released (Tue, 11 Nov 2003 00:00:00 GMT)
  • zorplibll zorplibll_2.0.26.23-1 released (Mon, 10 Nov 2003 00:00:00 GMT)
    		•
    		Next Previous Contents

    6. Security functional requirements rationale

    6.1 All objectives against the TOE are satisfied

    • TOE.STRICT_INPUT_CHECK is satisified by TOE:FDP_ITC.1, which enforces the filltable policy in regard to the input of the TOE. The filltable policy (described in TOE:FDP_IFF.1) contains the requirement for the input check among the additional flow control SFP rules. The objective is supported by TOE:FPT_AMT.1 by making sure that the mechanisms used are working as excepted.
    • TOE.AUDIT_EXCEPTIONS is satisfied by TOE:FAU_GEN.1, in events 4, and 5. This covers the whole scope of the objective, as all the error conditions of the underlying libraries throw exceptions. TOE:FAU_SAR.1 ensures that the audit trail is actually useable. The objective is supported by TOE:FPT_AMT.1 by making sure that the mechanisms used are working as excepted.
    • TOE.CAREFUL_AUDIT is handled by the refinement of TOE:FAU_GEN.1, as it covers for the two most important ways of exploiting implementation problems: buffer overrun and code insertion attacks.
    • TOE.FUNCTION gives the business function of the TOE. It is satisfied by BUS:SMT_SMF.1, which in turn supported by TOE:FDP_ETC.1, TOE:FDP_IFC.2, TOE:FDP_IFF.2, TOE:FDP_IFF.5 and TOE:FDP_ITC.1. The implementation of these requirements are based on TOE:FPT_RVM.1. The objective is supported by TOE:FPT_AMT.1 by making sure that the mechanisms used are working as excepted, and checked by TOE:FPT_TST.1 which makes sure that the TOE is working as excepted.
    • TOE.RE is satisfied by the second stanza of TOE:FDP_IFF.2.
    • TOE.MINIMAL is satisfied by TOE:SMT_SMF.1, 6th, 7th and 8th element of TOE:FDP_IFF.2.
    • TOE.LSPP is statisfied by
      • TOE:FAU_GEN.1 having all information in the audit trail which is not covered by ENV:FAU_GEN.2 and ENV:FPT_STM.1,
      • TOE:FAU_GEN.1 having all audit events of LSPP which relevant to the functioning of the TOE.
      • SUP:FAU_GEN.2 and ENV:FAU_GEN.2 together giving FAU_GEN.2 of LSPP.
      • TOE:FAU_SAR.1 and SUP:FAU_SAR.2 together creating the ground of all FAU_SAR requirements of LSPP to be satisfied by the underlying Operating System.
      • TOE:FDP_ETC.1, TOE: FDP_ITC.1, TOE:FDP_IFC.2, TOE:FDP_IFF.2 and ENV:FDP_IFF.2 together giving FDP_IFC.2 and FDP_IFF.2 of LSPP, augmenting the information flow control rules of the TOE. Note that export/inport at the boundaries of the TSC are internal information flows of the underlying operating system.
      • BUS:SMT_SMF.1 and ENV:SMT_SMR.1 define a new security management function and the correcponding roles of the underlying operating system in an LSPP-conformant manner.
      • TOE:FPT_TST.1 extends FPT_TST.1 of the LSPP with the necessary elements to cover the TOE security functions.
      • TOE:FPT_RVM.1 extends FPD_RVM.1 of the LSPP with the necessary elements to cover the TOE security functions.

    6.2 All requirements are necessary

    • TOE:FAU_GEN.1: TOE.AUDIT_EXCEPTIONS, TOE.CAREFUL_AUDIT, TOE.LSPP
    • ENV:FAU_GEN.2: IT.OS_HARDENED
    • SUP:FAU_GEN.2 TOE.LSPP
    • TOE:FAU_SAR.1: TOE.AUDIT_EXCEPTIONS, TOE.LSPP
    • SUP:FAU_SAR.2 TOE.LSPP
    • TOE:FDP_ETC.1: TOE.FUNCTION, TOE.LSPP
    • TOE:FDP_IFC.2: TOE.FUNCTION, TOE.LSPP
    • ENV:FDP_IFF.2: IT.OS_HARDENED, TOE.LSPP
    • TOE:FDP_IFF.2: TOE.FUNCTION, TOE.MINIMAL, TOE.RE, TOE.LSPP
    • TOE:FDP_IFF.5: TOE.FUNCTION
    • ENV:FDP_IFC.1: TOE:FDP_IFF.5
    • TOE:FDP_ITC.1: TOE.FUNCTION, TOE.STRICT_INPUT_CHECK, TOE.LSPP
    • TOE:SMT_SMF.1: TOE.MINIMAL
    • BUS:SMT_SMF.1: TOE.FUNCTION, TOE.LSPP
    • ENV:FMT_SMR.1: TOE:FDP_IFF.2, IT.OS_HARDENED
    • TOE:FPT_AMT.1: TOE.FUNCTION, TOE.STRICT_INPUT_CHECK, TOE_AUDIT_EXCEPTIONS
    • TOE:FPT_RVM.1: TOE.FUNCTION, TOE.LSPP
    • ENV:FPT_SEP.3: TOE:FPT_RVM.1, ENV:FMT_SMR.1, TOE:FDP_IFF.2
    • ENV:FPT_STM.1: TOE:FAU_GEN.1, TOE.LSPP
    • TOE:FPT_TST.1: TOE.FUNCTION, TOE.LSPP

    Next Previous Contents