MozillaWiki

NSSCryptoModuleSpec/Section 6: Operation Enviroment: Difference between revisions

Page Discussion

NSSCryptoModuleSpec/Section 6: Operation Enviroment (view source)

Revision as of 12:03, 11 May 2015

181 bytes removed ,  11 May 2015
m
GPHemsley moved page Section 6: Operation Enviroment to NSSCryptoModuleSpec/Section 6: Operation Enviroment without leaving a redirect: NSSCryptoModuleSpec page
No edit summary
m (GPHemsley moved page Section 6: Operation Enviroment to NSSCryptoModuleSpec/Section 6: Operation Enviroment without leaving a redirect: NSSCryptoModuleSpec page)
 
(9 intermediate revisions by 2 users not shown)
Line 12: Line 12:
Status
Status
|-
|-
| Describe the mechanism used to ensure that only one user at a time can use the cryptographic module. || [http://wiki.mozilla.org/VE_06#VE.06.04.01 VE.06.04.01 ] || Link to the document describing how to configure each operating system with a single user. || Draft
| Describe the operational environment in which the module operates. || [http://wiki.mozilla.org/VE_06#VE.06.02.01 VE.06.02.01 ] || [http://wiki.mozilla.org/FIPS_Operational_Environment#Operational_Environment Operational Environment] || Draft
|-
| Describe the mechanism used to ensure that only one user at a time can use the cryptographic module. || [http://wiki.mozilla.org/VE_06#VE.06.04.01 VE.06.04.01 ] || [http://wiki.mozilla.org/FIPS_Operational_Environment#Single_Operator_Mode_of_Operation Single Operator Mode of Operation] || Draft
|-
|-
| Describe the mechanism used to ensure that no other process can access private and secret keys, intermediate key generation values, and other CSPs, while the cryptographic process is in use. || [http://wiki.mozilla.org/VE_06#VE.06.05.01 VE.06.05.01 ] || The operating system protects the address space of the cryptographic process from the other processes. || Draft
| Describe the mechanism used to ensure that no other process can access private and secret keys, intermediate key generation values, and other CSPs, while the cryptographic process is in use. || [http://wiki.mozilla.org/VE_06#VE.06.05.01 VE.06.05.01 ] || The operating system protects the address space of the cryptographic process from the other processes. || Draft
Line 18: Line 20:
| Describe the mechanism used to ensure that no other process can interrupt the cryptographic module during execution. || [http://wiki.mozilla.org/VE_06#VE.06.06.01 VE.06.06.01 ] || The operating system protects the address space of the cryptographic process from the other processes. || Draft
| Describe the mechanism used to ensure that no other process can interrupt the cryptographic module during execution. || [http://wiki.mozilla.org/VE_06#VE.06.06.01 VE.06.06.01 ] || The operating system protects the address space of the cryptographic process from the other processes. || Draft
|-
|-
| List the cryptographic software stored on the cryptographic module and describe the protection mechanisms used to prevent unauthorized disclosure and modification. || [http://wiki.mozilla.org/VE_06#VE.06.07.01 VE.06.07.01 ] || The operating system protects the address space of the cryptographic process from the other processes. || Draft
| List the cryptographic software stored on the cryptographic module and describe the protection mechanisms used to prevent unauthorized disclosure and modification. || [http://wiki.mozilla.org/VE_06#VE.06.07.01 VE.06.07.01 ] || While the cryptographic software is in the RAM, the operating system protects the address space of the cryptographic process from the other processes. || Draft
|-
|-
| Identify the technique used to maintain the integrity of the cryptographic software components. || [http://wiki.mozilla.org/VE_06#VE.06.08.01 VE.06.08.01 ] || [http://wiki.mozilla.org/FIPS_Operational_Environment#Maintaining_Software_Integrity Maintaining Software Integrity] || Draft
| Identify the technique used to maintain the integrity of the cryptographic software components. || [http://wiki.mozilla.org/VE_06#VE.06.08.01 VE.06.08.01 ] || [http://wiki.mozilla.org/FIPS_Operational_Environment#Software_Integrity_Test Software Integrity Test] || Draft
|-
|-
| The operating system controlling the cryptographic module has passed evaluation at EAL2 for the Controlled Access Protection Profile (CAPP). || [http://wiki.mozilla.org/VE_06#VE.06.10.01 VE.06.10.01 ] || Please refer to the following documents on the [http://www.commoncriteriaportal.org/ Common Criteria portal]:
| The operating system controlling the cryptographic module has passed evaluation at EAL2 for the Controlled Access Protection Profile (CAPP). || [http://wiki.mozilla.org/VE_06#VE.06.10.01 VE.06.10.01 ] || Please refer to the following documents on the [http://www.commoncriteriaportal.org/ Common Criteria portal]:
* Sun Trusted Solaris Version 8 4/01: assurance level EAL4, certification date March 2004, [http://www.commoncriteriaportal.org/public/files/epfiles/CRP170v3.pdf certification report] and [http://www.commoncriteriaportal.org/public/files/epfiles/TSolaris8_Issue3.1.pdf security target];
* Sun Solaris Version 10 5/08: Security Target Url For Solaris 10 5/08: http://www.sun.com/software/security/securitycert/docs/st-base.Sol10u5.v1.3.pdf  
* Red Hat Enterprise Linux (RHEL) Version 4 Update 1 AS and Red Hat Enterprise Linux (RHEL) Version 4 Update 1 WS: assurance level EAL4+, certification date 26 January 2006, [http://www.commoncriteriaportal.org/public/files/epfiles/ST_VID10072-VR.pdf certification report], [http://www.commoncriteriaportal.org/public/files/epfiles/ST_VID10072-ST.pdf security target], atsec's [http://www.atsec.com/01/index.php?id=03-0002-01&news=80 press release], and [http://www.atsec.com/downloads/pdf/certificates/ibm_linux_eal4_cert.pdf the certificate].
* Red Hat Enterprise Linux (RHEL) Version 5 http://www.niap-ccevs.org/cc-scheme/st/index.cfm/vid/10125
   || Draft
   || Draft
|-
|-
Line 33: Line 35:
| Specify how the operating system prevents operators and executing processes from reading cryptographic software stored within the cryptographic boundary. || [http://wiki.mozilla.org/VE_06#VE.06.16.01 VE.06.16.01 ] || The operating system protects the address space of an executing process from reading by another process. || Draft
| Specify how the operating system prevents operators and executing processes from reading cryptographic software stored within the cryptographic boundary. || [http://wiki.mozilla.org/VE_06#VE.06.16.01 VE.06.16.01 ] || The operating system protects the address space of an executing process from reading by another process. || Draft
|-
|-
| Identify all the events that are auditable by the cryptographic module software. || [http://wiki.mozilla.org/VE_06#VE.06.17.01 VE.06.17.01 ] || TO DO. || Draft
| Identify all the events that are auditable by the cryptographic module software. || [http://wiki.mozilla.org/VE_06#VE.06.17.01 VE.06.17.01 ] || [http://wiki.mozilla.org/FIPS_Operational_Environment#Auditable_Events Auditable Events] || Draft
|}
|}


Return to: [[NSSCryptoModuleSpec]]
Return to: [[NSSCryptoModuleSpec]]
GPHemsley
canmove, Confirmed users, Bureaucrats and Sysops emeriti
960

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/27456...1073751"