HP 3PAR InForm OS Common Criteria Administrator's Reference (QL226-96586, October 2012)

ManualsBrandsHP ManualsComputer AccessoriesHP 3PAR InForm T400/4x300GB 15K SAS Magazine E-LTU

Operating in Common Criteria Mode 20

Requirement

Auditable

Event(s)

Additional Audit

Record Content

InServ Event

FCS_COP.1(1)

The TOE implements AES with

CTR and CBC modes and 128,

192, and 256 bit keys sizes.

Failure on

invoking

functionality

None See FCS_CKM.1.

FCS_COP.1(2)

The TOE implements the RSA

Digital Signature Algorithm

with a key size (modulus)

including 2048 and greater

bits.

Failure on

invoking

functionality

None See FCS_CKM.1.

FCS_COP.1(3)

The TOE implements SHA-1

cryptographic hashes.

Failure on

invoking

functionality

None See FCS_CKM.1.

FCS_COP.1(4)

The TOE implements HMAC-

SHA-1 keyed-hash message

authentication.

Failure on

invoking

functionality

None See FCS_CKM.1.

FCS_SSH_EXT.1

The TOE supports SSHv2

interactive command-line secure

administrator sessions as

indicated in the STs.

Failure to establish

an SSH session.

Establishment/Ter

mination of an

SSH session

Reason for failure

Non-TOE endpoint of

connection (IP address) for

both successes and

failures

The event log will contain two

events on failure to establish a

session. One will be an

‘Authentication Failure’ type event

and the second will be a ‘Syslog

Message’ type event that includes

the string ‘sshd’ and the reason

for failure. Successful

establishment will cause an event

of type ‘CLI server process event’

with the indication User logged

in, and app:SSH in the message

text. Termination does not get

logged from SSHD. The CLI will

log a ‘CLI server process event’

type message with User

disconnected and the source and

user identified in the text.

FCS_TLS_EXT.1

The TOE supports TLSv1secure

administrator sessions.

Failure to establish

a TLS Session

Establishment/Ter

mination of a TLS

session

Reason for failure

Non-TOE endpoint of

connection (IP address) for

both successes and

failures

Failure to establish a TLS session

due to an error in the TLS

handshake will cause a 'SSL error

between CLI client and server'

type event to be logged with the

cause identified in the text. There

is no audit log of successful

establishment at the TLS protocol

level, but rather success or failure

of the requisite session

authentication. If the connection is

terminated, or lost prior to session

login, no audit record is

generated.

IMC session events are identical,

except the establishment message

indicates the remote client is IMC.