HP 3PAR InForm OS Common Criteria Administrator's Reference (QL226-96586, October 2012)

ManualsBrandsHP ManualsComputer AccessoriesHP 3PAR InForm T400/4x300GB 15K SAS Magazine E-LTU

19 Operating in Common Criteria Mode

Requirement

Auditable

Event(s)

Additional Audit

Record Content

InServ Event

FAU_STG.4

The TOE will automatically

overwrite the oldest audit log

records with new records as

necessary.

None None The storage area is protected by

the HP Storage System’s physical

storage protections, as the PR

resides on an admin VV

configured for redundancy. Space

on the volume is tightly managed

to prevent exhaustion. If the log

should fail, em_filter writes an

indication to its own private log

and continues to record events

there until the condition is

rectified. The em_filter private log

is not accessible to a system

administrator. (We have never

seen this occur in the field.)

FCS_CKM.1

The TOE uses random number

generation to create keys

between 128 and 256 bits in

length.

Failure on

invoking

functionality

None There are two possible scenarios:

1) If an error occurs at session

init, it may take one form of

notification (failure to establish

session). 2) If it takes place in an

already established session, it will

look different (communication

failure). Neither will identify

crypto failure since that occurs at

too low a level in the libraries.

CLI/IMC session failures would

appear as type ‘SSL error

between CLI client and Server’

event. CLI/IMC mid-session errors

would result in a ‘CLI server

process’ type event indicating

client disconnect or a

communication error in the text.

SSH session failures appear as

type ‘Syslog Message’ with sshd

explanation of the failure in the

text. SSH mid-flight failures

appear as both ’CLI server

process event’ with user

disconnect and a ‘Syslog

message’ with sshd explanation in

the text.

FCS_CKM_EXT.4

The TOE performs immediate

(i.e., when no longer needed)

and complete (i.e., the entire

key or parameter) zeroization

of plaintext cryptographic keys

and security parameters.

Failure on

invoking

functionality

None See FCS_CKM.1.

FCS_COMM_PROT_EXT.1

The TOE provides SSH, and

TLS in support of secure

administrator session

protection.

None None None