Professional Documents
Culture Documents
Huawei MBSC ST 1.07
Huawei MBSC ST 1.07
Version: 1.07 Last Update: 2011-12-20 Author: Huawei Technologies Co., Ltd.
2011-12-20
Page 1/ 58
Index
1 Introduction..................................................................................................................................... 5 1.1 1.2 1.3 Security Target Reference ...................................................................................................... 5 Target of Evaluation (TOE) Reference .................................................................................. 5 Target of Evaluation (TOE) Overview................................................................................... 5 TOE usage ................................................................................................................... 6 TOE type....................................................................................................................... 7 Non TOE Hardware and Software ............................................................................ 7 Architectural overview............................................................................................... 12 Logical Scope ............................................................................................................ 14 Physical Scope .......................................................................................................... 15
CC Conformance Claim................................................................................................................ 15 TOE Security problem definition.................................................................................................. 15 3.1 3.2 TOE Assets........................................................................................................................... 15 Threats.................................................................................................................................. 15 Threats by Eavesdropper ......................................................................................... 15 Threats by Internal Attacker..................................................................................... 15 Threats by restricted authorized user ..................................................................... 15 Physical....................................................................................................................... 15 Personnel.................................................................................................................... 15 Connectivity ................................................................................................................ 15 Support ....................................................................................................................... 15 OperatingSystem ....................................................................................................... 15 SecurePKI .................................................................................................................. 15 P.Audit......................................................................................................................... 15 P.RoleManagement .................................................................................................. 15
3.2.1 3.2.2 3.2.3 3.3 3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.4 3.4.1 3.4.2 4 4.1 4.2
Assumptions ......................................................................................................................... 15
Organizational Policies......................................................................................................... 15
Security Objectives ....................................................................................................................... 15 Objectives for the TOE......................................................................................................... 15 Objectives for the Operational Environment........................................................................ 15
Huawei BSC6900 Multimode Base Station Controller Software Security Target Page 2/ 58
2011-12-20
4.3
4.3.1 4.3.2 5 6
Extended Components Definition ................................................................................................. 15 Security Requirements .................................................................................................................. 15 6.1 TOE Security Functional Requirements............................................................................... 15 Security Audit (FAU) ................................................................................................. 15 Cryptographic Support (FCS) .................................................................................. 15 User Data Protection (FDP) ..................................................................................... 15 Identification and Authentication (FIA) ................................................................... 15 Security Management (FMT) ................................................................................... 15 TOE access (FTA) .................................................................................................... 15 Trusted Path/Channels (FTP) ................................................................................. 15 Coverage .................................................................................................................... 15 Sufficiency .................................................................................................................. 15 Security Requirements Dependency Rationale .................................................... 15 6.1.1 6.1.2 6.1.3 6.1.4 6.1.5 6.1.6 6.1.7 6.2 6.2.1 6.2.2 6.2.3 6.3 6.4
Security Assurance Requirements........................................................................................ 15 Security Assurance Requirements Rationale........................................................................ 15 TOE Security Functionality.................................................................................................. 15 Auditing ....................................................................................................................... 15 Digital signature ......................................................................................................... 15 Access control............................................................................................................ 15 Authentication ............................................................................................................ 15 Communications security ......................................................................................... 15 Management of TSF ................................................................................................. 15
TOE Summary Specification ........................................................................................................ 15 7.1 7.1.1 7.1.2 7.1.3 7.1.4 7.1.5 7.1.6
Abbreviations, Terminology and References................................................................................ 15 8.1 8.2 8.3 Abbreviations ....................................................................................................................... 15 Terminology ......................................................................................................................... 15 References ............................................................................................................................ 15
2011-12-20
Page 3/ 58
Changes History
Version V0.1 V0.2 V0.3 V0.50 V0.51 V1.0 V1.01 V1.05 V1.06 V1.07
Date 2010-12-15 2011-3-24 2011-04-2 2011-03-30 2011-04-18 2011-04-29 2011-07-29 2011-08-23 2011-11-11 2011-12-20
Author Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo) Leo(Liu Jinbo)
Changes to previous version --Modify as suggestion as expert adviser Modify according to Observation report Modify according to Observation report Modify as suggestion as expert adviser Modify as suggestion as expert adviser Modify as suggestion as expert adviser Modify as suggestion as expert adviser Modify as suggestion as expert adviser Modify as suggestion as expert adviser
2011-12-20
Page 4/ 58
1 Introduction
This Security Target is for the evaluation of the product Huawei BSC6900 Multimode Base Station Controller Software Version V900R013C01SPC010.
This ST contains a description of the security objectives and the requirements, as well as the necessary functional and assurance measures provided by the TOE, the BSC6900 software. The ST provides the basis for the evaluation of the TOE according to the Common Criteria for Information Technology Security Evaluations (CC)
2011-12-20
Page 6/ 58
4. Communications security: BSC6900 software provides SSL/TLS channels (for FTP, HTTP, MML, BIN) to access the TOE. 5. Management of security functionality: The TOE offers management functionality for its security functionality. 6. Digital signature: For the installation of GBTS managed element, the TOE is able to check the software integrity of the package previous to the installation of the element in order to verify its integrity.
2011-12-20
Page 7/ 58
The M2000 needs a mediation software in order to communicate with the TOE. The M2000 server software consists of the main version software and mediation software. The main version software implements system functions, and the mediation software is used for the adaptation of different NE interfaces. The M2000 can manage new NEs after the corresponding mediation software is installed. The WebLMT is accessed through Remote PCs used by administrators to connect to the TOE for access to the TOE via a secure channel SSL. It is obvious that physical networks, such as Ethernet subnets, interconnecting all the networking devices are necessary. Looking inside the closet, for the OMU unit, it is need the corresponding hardware (OMU board) running the Dopra Linux operating system in version 2.3. In the interface board it runs a VxWorks O.S. version 5.5.4. So the physical architecture over which the TOE runs includes the following units:
2011-12-20 Huawei BSC6900 Multimode Base Station Controller Software Security Target Page 8/ 58
Interface process unit User data process unit Signal process unit MAC/ TDM switching network and control unit Operation and maintenance unit Clock process unit As a product family, the boards that can maintain each of these units are indicated in the following table:
Function