Specifications
Security Target Version 1.02, 08/16/2013
21
b) For each audit event type, based on the auditable event definitions of the
functional components included in the PP/ST, information specified in column
three of Table 3.
Requirement
Auditable Events
Additional Audit Record Contents
FAU_GEN.1
None.
FAU_GEN.2
None.
FAU_STG_EXT.1
None.
FCS_CKM.1
None.
FCS_CKM_EXT.4
None.
FCS_COP.1(1)
None.
FCS_COP.1(2)
None.
FCS_COP.1(3)
None.
FCS_COP.1(4)
None.
FCS_IPSEC_EXT.1
Failure to establish an IPsec SA.
Establishment/Termination of an IPsec
SA.
Reason for failure.
Non-TOE endpoint of connection (IP
address) for both successes and
failures.
FCS_RBG_EXT.1
None.
FCS_SSH_EXT.1
Failure to establish an SSH session.
Establishment/Termination of an SSH
session.
Reason for failure
Non-TOE endpoint of connection (IP
address) for both successes and
failures.
FDP_RIP.2
None.
FIA_PMG_EXT.1
None.
FIA_UAU_EXT.2
All use of the authentication mechanism.
Origin of the attempt (e.g., IP
address).
FIA_UIA_EXT.1
All use of the authentication and
authentication mechanism.
Provided user identity, origin of the
attempt (e.g., IP address).
FIA_UAU.7
None.
FMT_MTD.1
None.
FMT_SMF.1
None.
FMT_SMR.1
None.
FPT_APW_EXT.1
None.
FPT_SKP_EXT.1
None.
FPT_STM.1
Changes to the time.
The old and new values for the time.
Origin of the attempt (e.g., IP
address).
FPT_TUD_EXT.1
Initiation of update.
No additional information.
FPT_TST_EXT.1
None.
FTA_SSL_EXT.1
Any attempts at unlocking of an
interactive session.
No additional information.
FTA_SSL.3
The termination of a remote session by
the session locking mechanism.
No additional information.
FTA_SSL.4
The termination of an interactive
session.
No additional information.
FTA_TAB.1
None.
FTP_ITC.1
Initiation of the trusted channel.
Termination of the trusted channel.
Failure of the trusted channel functions.
Identification of the initiator and
target of failed trusted channels
establishment attempt.
FTP_TRP.1
Initiation of the trusted channel.
Identification of the claimed user