Marimba Desktop/Mobile Management & Server Change ... Marimba Security Target EAL3 Version 2.0 May 2005

  • View
    0

  • Download
    0

Embed Size (px)

Text of Marimba Desktop/Mobile Management & Server Change ... Marimba Security Target EAL3 Version 2.0...

  • Marimba Desktop/Mobile Management and

    Server Change Management Security Target

    Version 2.0

    26 May 2005

    Prepared for: BMC Software, Inc.

    440 Clyde Ave. Mt. View, CA 94043

    Prepared by: Science Applications International Corporation

    Common Criteria Testing Laboratory 7125 Columbia Gateway Drive, Suite 300

    Columbia, MD 21046

  • Marimba Security Target EAL3 Version 2.0 May 2005

    TABLE OF CONTENTS

    1. Security Target Introduction............................................................................................. 4

    1.1 SECURITY TARGET, TOE AND CC IDENTIFICATION ........................................................... 4 1.2 CONFORMANCE CLAIMS ..................................................................................................... 4 1.3 CONVENTIONS .................................................................................................................... 4 1.4 SECURITY TARGET ORGANIZATION.................................................................................... 5

    2. TOE Description ................................................................................................................. 5 2.1 PRODUCT TYPE................................................................................................................... 6 2.2 PRODUCT DESCRIPTION ...................................................................................................... 6 2.3 PRODUCT FEATURES........................................................................................................... 6 2.4 SECURITY ENVIRONMENT TOE BOUNDARY....................................................................... 7

    2.4.1 Physical Boundaries ..............................................................................................................................7 2.4.2 Logical Boundaries..............................................................................................................................11

    3. Security Environment....................................................................................................... 12 3.1 THREATS TO SECURITY..................................................................................................... 12 3.2 ORGANIZATIONAL SECURITY POLICIES ............................................................................ 12 3.3 SECURE USAGE ASSUMPTIONS ......................................................................................... 13

    3.3.1 Physical Assumptions ..........................................................................................................................13 3.3.2 Personnel Assumptions ........................................................................................................................13 3.3.3 System Assumptions .............................................................................................................................13

    4. Security Objectives ........................................................................................................... 14 4.1 IT SECURITY OBJECTIVES FOR THE TOE.......................................................................... 14 4.2 IT SECURITY OBJECTIVES FOR THE ENVIRONMENT .......................................................... 14 4.3 SECURITY OBJECTIVES OF THE NON-IT ENVIRONMENT ................................................... 14

    5. IT Security Requirements ................................................................................................ 15 5.1 TOE SECURITY FUNCTIONAL REQUIREMENTS ................................................................. 15

    5.1.1 Security Audit (FAU) ...........................................................................................................................16 5.1.2 User Data Protection (FDP) ...............................................................................................................17 5.1.3 Identification and Authentication (FIA)...............................................................................................18 5.1.4 Security management (FMT) ...............................................................................................................19 5.1.5 TOE access (FTA)................................................................................................................................20

    5.2 SECURITY FUNCTIONAL REQUIREMENTS FOR THE IT ENVIRONMENT............................... 20 5.2.1 Identification and Authentication (FIA)...............................................................................................20 5.2.2 Protection of the TSF (FPT) ................................................................................................................21

    5.3 TOE SECURITY ASSURANCE REQUIREMENTS .................................................................. 21 5.3.1 Configuration Management (ACM).....................................................................................................22 5.3.2 Delivery and Operation (ADO) ...........................................................................................................23 5.3.3 Development (ADV).............................................................................................................................24 5.3.4 Guidance Documents (AGD) ...............................................................................................................26 5.3.5 Life Cycle Support (ALC) ....................................................................................................................28 5.3.6 Security Testing (ATE).........................................................................................................................28 5.3.7 Vulnerability Assessment (VLA) ..........................................................................................................30

    6. TOE Summary Specification ........................................................................................... 32 6.1 TOE SECURITY FUNCTIONS ............................................................................................. 32

    6.1.1 Security Audit.......................................................................................................................................32 6.1.2 User Data Protection...........................................................................................................................32 6.1.3 Identification and Authentication ........................................................................................................34 6.1.4 Security Management ..........................................................................................................................35

    2

  • Marimba Security Target EAL3 Version 2.0 May 2005

    6.1.5 TOE Access..........................................................................................................................................36 6.2 TOE SECURITY ASSURANCE MEASURES.......................................................................... 36

    6.2.1 Process Assurance ...............................................................................................................................36 6.2.2 Delivery and Operation .......................................................................................................................37 6.2.3 Design Documentation ........................................................................................................................37 6.2.4 Guidance Documentation ....................................................................................................................37 6.2.5 Test Documentation .............................................................................................................................38 6.2.6 Vulnerability Assessment .....................................................................................................................39

    7. Protection Profile Claims ................................................................................................. 39 8. Rationale ............................................................................................................................ 39

    8.1 SECURITY OBJECTIVES RATIONALE.................................................................................. 40 8.1.1 Security Objective for the TOE Rationale............................................................................................40 8.1.2 Security Objectives for Environment Rationale...................................................................................40

    8.2 SECURITY REQUIREMENTS RATIONALE ............................................................................ 42 8.2.1 Security Functional Requirements Rationale ......................................................................................42

    8.3 SECURITY ASSURANCE REQUIREMENTS RATIONALE........................................................ 44 8.4 SECURITY REQUIREMENTS DEPENDENCIES RATIONALE ................................................... 44 8.5 TOE SUMMARY SPECIFICATION RATIONALE ................................................................... 45 8.6 INTERNAL CONSISTENCY AND SUPPORT RATIONALE........................................................ 45 8.7 STRENGTH OF FUNCTION (SOF) RATIONALE.................................................................... 46

    LIST OF FIGURES

    Figure 1: DMM Physical Boundaries...............................................................................................