IBM 10 SP1 EAL4 Server User Manual


 
6.1 Identification and authentication.......................................................................................................251
6.1.1 User identification and authentication data management (IA.1).................................................251
6.1.2 Common authentication mechanism (IA.2)................................................................................251
6.1.3 Interactive login and related mechanisms (IA.3)........................................................................251
6.1.4 User identity changing (IA.4).....................................................................................................251
6.1.5 Login processing (IA.5).............................................................................................................251
6.2 Audit..................................................................................................................................................251
6.2.1 Audit configuration (AU.1)........................................................................................................252
6.2.2 Audit processing (AU.2)............................................................................................................252
6.2.3 Audit record format (AU.3) .......................................................................................................252
6.2.4 Audit post-processing (AU.4)....................................................................................................252
6.3 Discretionary Access Control............................................................................................................252
6.3.1 General DAC policy (DA.1).......................................................................................................252
6.3.2 Permission bits (DA.2)...............................................................................................................252
6.3.3 ACLs (DA.3)..............................................................................................................................252
6.3.4 DAC: IPC objects (DA.4)..........................................................................................................252
6.4 Object reuse........................................................................................................................................253
6.4.1 Object reuse: file system objects (OR.1)....................................................................................253
6.4.2 Object reuse: IPC objects (OR.2)...............................................................................................253
6.4.3 Object reuse: memory objects (OR.3)........................................................................................253
6.5 Security management.........................................................................................................................253
6.5.1 Roles (SM.1)..............................................................................................................................253
6.5.2 Access control configuration and management (SM.2)..............................................................253
6.5.3 Management of user, group and authentication data (SM.3)......................................................253
6.5.4 Management of audit configuration (SM.4)...............................................................................253
6.5.5 Reliable time stamps (SM.5)......................................................................................................254
6.6 Secure communications......................................................................................................................254
6.6.1 Secure protocols (SC.1)..............................................................................................................254
6.7 TSF protection....................................................................................................................................254
6.7.1 TSF invocation guarantees (TP.1)..............................................................................................254
6.7.2 Kernel (TP.2).............................................................................................................................254
6.7.3 Kernel modules (TP.3)...............................................................................................................254
6.7.4 Trusted processes (TP.4)............................................................................................................254
6.7.5 TSF Databases (TP.5)................................................................................................................254
6.7.6 Internal TOE protection mechanisms (TP.6)..............................................................................255
6.7.7 Testing the TOE protection mechanisms (TP.7).........................................................................255
11