NSSCryptoModuleSpec/Section 6: Operation Enviroment: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
No edit summary |
||
| Line 25: | Line 25: | ||
* Sun Trusted Solaris Version 8 4/01: EAL4, [http://www.commoncriteriaportal.org/public/files/epfiles/CRP170v3.pdf certification report] and [http://www.commoncriteriaportal.org/public/files/epfiles/TSolaris8_Issue3.1.pdf security target]; | * Sun Trusted Solaris Version 8 4/01: EAL4, [http://www.commoncriteriaportal.org/public/files/epfiles/CRP170v3.pdf certification report] and [http://www.commoncriteriaportal.org/public/files/epfiles/TSolaris8_Issue3.1.pdf security target]; | ||
* Red Hat Enterprise Linux AS, Version 3 Update 3: EAL3+, [http://www.commoncriteriaportal.org/public/files/epfiles/0273a.pdf certification report] and [http://www.commoncriteriaportal.org/public/files/epfiles/0273b.pdf security target]; | * Red Hat Enterprise Linux AS, Version 3 Update 3: EAL3+, [http://www.commoncriteriaportal.org/public/files/epfiles/0273a.pdf certification report] and [http://www.commoncriteriaportal.org/public/files/epfiles/0273b.pdf security target]; | ||
* Red Hat Enterprise Linux 4: EAL4+, [http://niap.nist.gov/cc-scheme/in_evaluation.html#r NIAP's in-validation list] | * Red Hat Enterprise Linux 4: EAL4+, [http://niap.nist.gov/cc-scheme/in_evaluation.html#r NIAP's in-validation list], IBM's announcement of [http://www.ibm.com/press/us/en/pressrelease/19505.wss validation completion], atsec's [http://www.atsec.com/01/index.php?id=03-0002-01&news=80 press release], and [http://www.atsec.com/downloads/pdf/certificates/ibm_linux_eal4_cert.pdf the certificate]. | ||
|| Draft | || Draft | ||
|- | |- | ||
Revision as of 22:06, 26 April 2006
|
Document Description |
DTR Section |
Assessment |
Status |
|---|---|---|---|
| Describe the mechanism used to ensure that only one user at a time can use the cryptographic module. | VE.06.04.01 | Link to the document describing how to configure each operating system with a single user. | Draft |
| Describe the mechanism used to ensure that no other process can access private and secret keys, intermediate key generation values, and other CSPs, while the cryptographic process is in use. | VE.06.05.01 | The operating system protects the address space of the cryptographic process from the other processes. | Draft |
| Describe the mechanism used to ensure that no other process can interrupt the cryptographic module during execution. | VE.06.06.01 | The operating system protects the address space of the cryptographic process from the other processes. | Draft |
| List the cryptographic software stored on the cryptographic module and describe the protection mechanisms used to prevent unauthorized disclosure and modification. | VE.06.07.01 | The operating system protects the address space of the cryptographic process from the other processes. | Draft |
| Identify the technique used to maintain the integrity of the cryptographic software components. | VE.06.08.01 | Describe the DSA .chk files. | Draft |
| The operating system controlling the cryptographic module has passed evaluation at EAL2 for the Controlled Access Protection Profile (CAPP). | VE.06.10.01 | Please refer to the following documents on the Common Criteria portal:
|
Draft |
| Specify how the discretionary access control (DAC) mechanism is configured to meet the requirements of AS06.11, AS06.12, AS06.13, and AS06.14. | VE.06.14.01 | Refer to the OS documentation of Solaris and RHEL 4. | Draft |
| Specify how the operating system prevents all operators and executing processes from modifying executing cryptographic processes. | VE.06.15.01 | The operating system protects the address space of an executing process from modifications by another process. | Draft |
| Specify how the operating system prevents operators and executing processes from reading cryptographic software stored within the cryptographic boundary. | VE.06.16.01 | The operating system protects the address space of an executing process from reading by another process. | Draft |
| Identify all the events that are auditable by the cryptographic module software. | VE.06.17.01 | TO DO. | Draft |
Return to: NSSCryptoModuleSpec