huawei wcdma nodeb software security wcdma st 1.19.pdfآ huawei wcdma nodeb software version...

Huawei WCDMA NodeB Software Security Target
Version: 1.19 Last Update: 2011-11-11 Author: Huawei Technologies Co., Ltd.

Huawei WCDMA NodeB Software Version V200R013C01SPC010 Security Target
- 2 -
Table of Contents 1. INTRODUCTION......................................................................................................................... 7
1.1. ST REFERENCE....................................................................................................................... 7
1.2. TOE REFERENCE .................................................................................................................... 7
1.3. TOE OVERVIEW..................................................................................................................... 7
1.3.1. TOE USAGE ........................................................................................................................... 7
1.3.2. TOE TYPE .............................................................................................................................. 9
1.3.3. NON TOE HARDWARE AND SOFTWARE ................................................................................10
1.4. TOE DESCRIPTION ................................................................................................................13
1.4.1. LOGICAL SCOPE....................................................................................................................13
1.4.2. PHYSICAL SCOPE ..................................................................................................................18
2. PP CONFORMANCE CLAIM........................................................................................................19
3. SECURITY PROBLEM DEFINITION ..............................................................................................20
3.1. TOE ASSETS..........................................................................................................................20
3.2. THREATS..............................................................................................................................20
3.2.1. THREATS BY EAVESDROPPER................................................................................................21
3.2.2. THREATS BY INTERACTIVE NETWORK ATTACKER ..................................................................21
3.2.3. THREATS BY RESTRICTED AUTHORIZED USER........................................................................21
3.3. ORGANIZATIONAL POLICIES .................................................................................................22
3.3.1. P1.AUDIT .............................................................................................................................22
3.4. ASSUMPTIONS.....................................................................................................................22
3.4.1. PHYSICAL.............................................................................................................................22
3.4.2. PERSONNEL .........................................................................................................................22
3.4.3. CONNECTIVITY.....................................................................................................................22
3.4.4. SUPPORT .............................................................................................................................22
3.4.5. SECUREPKI...........................................................................................................................23
4. SECURITY OBJECTIVES ..............................................................................................................24
4.1. SECURITY OBJECTIVES FOR THE TOE .....................................................................................24
4.2. SECURITY OBJECTIVES FOR THE OPERATIONAL ENVIRONMENT ............................................24
4.3. SECURITY OBJECTIVES RATIONALE .......................................................................................25
4.3.1. COVERAGE...........................................................................................................................25
4.3.2. SUFFICIENCY ........................................................................................................................26
5. SECURITY REQUIREMENTS FOR THE TOE...................................................................................28
5.1. SECURITY REQUIREMENTS ...................................................................................................28
5.1.1. SECURITY AUDIT (FAU).........................................................................................................28
5.1.1.1. FAU_GEN.1 AUDIT DATA GENERATION ............................................................................28
5.1.1.2. FAU_GEN.2 USER IDENTITY ASSOCIATION........................................................................28
5.1.1.3. FAU_SAR.1 AUDIT REVIEW ..............................................................................................28

Huawei WCDMA NodeB Software Version V200R013C01SPC010 Security Target
- 3 -
5.1.1.4. FAU_SAR.3 SELECTABLE AUDIT REVIEW ...........................................................................29
5.1.1.5. FAU_STG.1 PROTECTED AUDIT TRAIL STORAGE................................................................29
5.1.1.6. FAU_STG.3 ACTION IN CASE OF POSSIBLE AUDIT DATA LOSS............................................29
5.1.2. CRYPTOGRAPHIC SUPPORT (FCS)..........................................................................................29
5.1.2.1. FCS_COP.1/SIGN CRYPTOGRAPHIC OPERATION ...............................................................29
5.1.2.2. FCS_COP.1/SSL CRYPTOGRAPHIC OPERATION..................................................................29
5.1.2.3. FCS_CKM.1/SSL CRYPTOGRAPHIC KEY GENERATION ........................................................30
5.1.3. USER DATA PROTECTION (FDP) ............................................................................................30
5.1.3.1. FDP_ACC.1/LOCAL SUBSET ACCESS CONTROL ..................................................................30
5.1.3.2. FDP_ACF.1/LOCAL SECURITY ATTRIBUTE BASED ACCESS CONTROL...................................30
5.1.3.3. FDP_ACC.1/DOMAIN SUBSET ACCESS CONTROL ..............................................................31
5.1.3.4. FDP_ACF.1/DOMAIN SECURITY ATTRIBUTE BASED ACCESS CONTROL...............................31
5.1.3.5. FDP_ACC.1/EMSCOMM SUBSET ACCESS CONTROL ..........................................................31
5.1.3.6. FDP_ACF.1/EMSCOMM SECURITY ATTRIBUTE BASED ACCESS CONTROL...........................31
5.1.4. IDENTIFICATION AND AUTHENTICATION (FIA) ......................................................................32
5.1.4.1. FIA_AFL.1 AUTHENTICATION FAILURE HANDLING ............................................................32
5.1.4.2. FIA_ATD.1 USER ATTRIBUTE DEFINITION .........................................................................32
5.1.4.3. FIA_UAU.1 TIMING OF AUTHENTICATION ........................................................................33
5.1.4.4. FIA_UAU.5 MULTIPLE AUTHENTICATION MECHANISMS...................................................33
5.1.4.5. FIA_UID.1 TIMING OF IDENTIFICATION ............................................................................33
5.1.4.6. FIA_SOS.1 VERIFICATION OF SECRETS ..............................................................................34
5.1.5. SECURITY MANAGEMENT (FMT) ..........................................................................................34
5.1.5.1. FMT_MSA.1 MANAGEMENT OF SECURITY ATTRIBUTES....................................................34
5.1.5.2. FMT_MSA.3 STATIC ATTRIBUTE INITIALIZATION ..............................................................34
5.1.5.3. FMT_SMF.1 SPECIFICATION OF MANAGEMENT FUNCTIONS.............................................34
5.1.5.4. FMT_SMR.1 SECURITY ROLES...........................................................................................35
5.1.6. TOE ACCESS (FTA) ................................................................................................................35
5.1.6.1. FTA_TSE.1/SEP TOE SESSION ESTABLISHMENT.................................................................35
5.1.6.2. FTA_TSE.1/LOCAL TOE SESSION ESTABLISHMENT.............................................................35
5.1.7. TRUSTED PATH/CHANNELS (FTP)..........................................................................................36
5.1.7.1. FTP_ITC.1 INTER‐TSF TRUSTED CHANNEL .........................................................................36
5.2. SECURITY FUNCTIONAL REQUIREMENTS RATIONALE............................................

huawei wcdma nodeb software security wcdma st 1.19.pdfآ huawei wcdma nodeb software version...

Documents

Huawei WCDMA RNO Parameters Optimization

WCDMA Interference Processing Guide - Huawei

WCDMA NODEB INSTALLATION STANDARD V3.3 Last Version[1].pdf

01-Wcdma Ran Revision General_ Huawei

Call Flows Wcdma Huawei

Huawei WCDMA Power Planning

3.RAN10.0 3900 Series WCDMA NodeB Product Description

51921517 Huawei WCDMA RAN10 0 Overview

CAC Huawei WCDMA RAN12

Wcdma Nodeb Installation Standard v3.2

Huawei WCDMA RAN Abbreviations v1

155908974 Huawei WCDMA RNO RF Optimization

Wcdma RNO Huawei Umts Kpi

Huawei Omc Operation Wcdma

Huawei WCDMA NodeB Software Security Target

The Huawei Nodeb Evolution

122880699 Huawei NodeB Fault Management

Huawei New NodeB Description

Huawei wcdma ran10.0 overview

3900 Wcdma Series Nodeb Product Description