Table of contents | Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Overview
  4.1 Organisation of this part
5 Functional requirements paradigm
6 Security functional components
  6.1 Overview
  6.2 Component catalogue
7 Class FAU: Security audit
  7.1 Security audit automatic response (FAU_ARP)
  7.2 Security audit data generation (FAU_GEN)
  7.3 Security audit analysis (FAU_SAA)
  7.4 Security audit review (FAU_SAR)
  7.5 Security audit event selection (FAU_SEL)
  7.6 Security audit event storage (FAU_STG)
8 Class FCO: Communication
  8.1 Non-repudiation of origin (FCO_NRO)
  8.2 Non-repudiation of receipt (FCO_NRR)
9 Class FCS: Cryptographic support
  9.1 Cryptographic key management (FCS_CKM)
  9.2 Cryptographic operation (FCS_COP)
10 Class FDP: User data protection
  10.1 Access control policy (FDP_ACC)
  10.2 Access control functions (FDP_ACF)
  10.3 Data authentication (FDP_DAU)
  10.4 Export from the TOE (FDP_ETC)
  10.5 Information flow control policy (FDP_IFC)
  10.6 Information flow control functions (FDP_IFF)
  10.7 Import from outside of the TOE (FDP_ITC)
  10.8 Internal TOE transfer (FDP_ITT)
  10.9 Residual information protection (FDP_RIP)
  10.10 Rollback (FDP_ROL)
  10.11 Stored data integrity (FDP_SDI)
  10.12 Inter-TSF user data confidentiality transfer protection (FDP_UCT)
11 Class FIA: Identification and authentication
  11.1 Authentication failures (FIA_AFL)
  11.2 User attribute definition (FIA_ATD)
  11.3 Specification of secrets (FIA_SOS)
  11.4 User authentication (FIA_UAU)
  11.5 User identification (FIA_UID)
  11.6 User-subject binding (FIA_USB)
12 Class FMT: Security management
  12.1 Management of functions in TSF (FMT_MOF)
  12.2 Management of security attributes (FMT_MSA)
  12.3 Management of TSF data (FMT_MTD)
  12.4 Revocation (FMT_REV)
  12.5 Security attribute expiration (FMT_SAE)
  12.6 Specification of Management Functions (FMT_SMF)
  12.7 Security management roles (FMT_SMR)
13 Class FPR: Privacy
  13.1 Anonymity (FPR_ANO)
  13.2 Pseudonymity (FPR_PSE)
  13.3 Unlinkability (FPR_UNL)
  13.4 Unobservability (FPR_UNO)
14 Class FPT: Protection of the TSF
  14.1 Fail secure (FPT_FLS)
  14.2 Availability of exported TSF data (FPT_ITA)
  14.3 Confidentiality of exported TSF data (FPT_ITC)
  14.4 Integrity of exported TSF data (FPT_ITI)
  14.5 Internal TOE TSF data transfer (FPT_ITT)
  14.6 TSF physical protection (FPT_PHP)
  14.7 Trusted recovery (FPT_RCV)
  14.8 Replay detection (FPT_RPL)
  14.9 State synchrony protocol (FPT_SSP)
  14.10 Time stamps (FPT_STM)
  14.11 Inter-TSF TSF data consistency (FPT_TDC)
  14.12 Testing of external entities (FPT_TEE)
  14.13 Internal TOE TSF data replication consistency (FPT_TRC)
  14.14 TSF self test (FPT_TST)
15 Class FRU: Resource utilisation
  15.1 Fault tolerance (FRU_FLT)
  15.2 Priority of service (FRU_PRS)
  15.3 Resource allocation (FRU_RSA)
16 Class FTA: TOE access
  16.1 Limitation on scope of selectable attributes (FTA_LSA)
  16.2 Limitation on multiple concurrent sessions (FTA_MCS)
  16.3 Session locking and termination (FTA_SSL)
  16.4 TOE access banners (FTA_TAB)
  16.5 TOE access history (FTA_TAH)
  16.6 TOE session establishment (FTA_TSE)
17 Class FTP: Trusted path/channels
  17.1 Inter-TSF trusted channel (FTP_ITC)
  17.2 Trusted path (FTP_TRP)
Annex A (Normative) Security functional requirements application notes
Annex B (Normative) Functional classes, families, and components
Annex C (Normative) Class FAU: Security audit
Annex D (Normative) Class FCO: Communication
Annex E (Normative) Class FCS: Cryptographic support
Annex F (Normative) Class FDP: User data protection
Annex G (Normative) Class FIA: Identification and authentication
Annex H (Normative) Class FMT: Security management
Annex I (Normative) Class FPR: Privacy
Annex J (Normative) Class FPT: Protection of the TSF
Annex K (Normative) Class FRU: Resource utilisation
Annex L (Normative) Class FTA: TOE access
Annex M (Normative) Class FTP: Trusted path/channels
|