Cisco IPS4345 Manual de usuario descargar pdf (Pagina 51)

Cisco Intrusion Prevention System Security Target

51

Section

Exceptions to

Shall/Shall Not

Statement(s)

Should (Not)

Statements

1

TOE

Compliant?

Rationale

Private Key

5.6.3.1 Owner

Assurances of

Possession of a Static

Private Key

None. Static key is

not supported.

None.

Yes

N/A

5.6.3.2 Recipient

Assurance of Owner’s

Possession of a Static

Private Key

None. Static key is

not supported.

None.

Yes

N/A

5.6.3.2.1 Recipient

Obtains Assurance

through a Trusted Third

Party

N/A, no shall

statements

None.

Yes

N/A

5.6.3.2.2 Recipient

Obtains Assurance

Directly from the

Claimed Owner

None. Static key is

not supported.

None.

Yes

N/A

5.6.4 Key Pair

Management

N/A, no shall

statements

None.

Yes

N/A

5.6.4.1 Common

Requirements on Static

and Ephemeral Key

Pairs

None.

None.

Yes

N/A

5.6.4.2 Specific

Requirements on Static

Key Pairs

None. Static key is

not supported.

None.

Yes

N/A

5.6.4.3 Specific

Requirements on

Ephemeral Key Pairs

None.

“An ephemeral key pair

should be generated as

close to its time of use

as possible”

Yes

N/A

5.7 DLC Primitives

None.

None.

Yes

N/A

5.7.1 Diffie-Hellman

Primitives

N/A, no shall

statements

None.

Yes

N/A

5.7.1.1 Finite Field

Cryptography Diffie-

Hellman (FFC DH)

Primitive

N/A, no shall

statements

None.

Yes

N/A

5.7.1.2 Elliptic Curve

Cryptography Cofactor

Diffie-Hellman (ECC

CDH) Primitive

N/A, no shall

statements

None.

N/A

TOE does not use ECC.

5.7.2 MQV Primitives

N/A, no shall

statements

None.

Yes

N/A

5.7.2.1 Finite Field

Cryptography MQV

(FFC MQV) Primitive

N/A, no shall

statements

None.

Yes

N/A

5.7.2.1.1 MQV2 Form

of the FFC MQV

Primitive

N/A, no shall

statements

None.

Yes

N/A

5.7.2.1.2 MQV1 Form

N/A, no shall

None.

Yes

N/A

1 2 ... 46 47 48 49 50 51 52 53 54 55 56 ... 60 61

Comentarios a estos manuales

Sin comentarios