VE 06

From MozillaWiki

SECTION 6: OPERATIONAL ENVIRONMENT

AS.06.01 If the operational environment is a modifiable operational environment, the operating system requirements in Section 4.6.1 shall apply.
Note: This assertion is not separately tested.
Passed

Assessment:

AS.06.03 The following requirements shall apply to operating systems for Security Level 1.
Note: This assertion is tested as part of AS06.04 through AS06.08.

Assessment:

AS.06.04 The operating system shall be restricted to a single operator mode of operation (i.e., concurrent operators are explicitly excluded).
Note: This requirement cannot be enforced by administrative documentation and procedures, but must be enforced by the cryptographic module itself.

Assessment:

VE.06.04.01

VE.06.04.01 The vendor shall provide a description of the mechanism used to ensure that only one user at a time can use the cryptographic module.


Assessment:

AS.06.05 The cryptographic module shall prevent access by other processes to plaintext private and secret keys, CSPs, and intermediate key generation values during the time the cryptographic module is executing/operational.
Note: This requirement cannot be enforced by administrative documentation and procedures, but must be enforced by the cryptographic module itself. Processes that are spawned by the cryptographic module are owned by the module and are not owned by external processes/operators.

Assessment:

VE.06.05.01

VE.06.05.01 The vendor shall provide a description of the mechanism used to ensure that no other process can access private and secret keys, intermediate key generation values, and other CSPs, while the cryptographic process is in use.

Assessment:

AS.06.06 Non-cryptographic processes shall not interrupt the cryptographic module during execution.


Assessment:

VE.06.06.01

VE.06.06.01 The vendor shall provide a description of the mechanism used to ensure that no other process can interrupt the cryptographic module during execution.


Assessment:

AS.06.07 All cryptographic software and firmware shall be installed in a form that protects the software and firmware source and executable code from unauthorized disclosure and modification.


Assessment:

VE.06.07.01

VE.06.07.01 The vendor shall provide a list of the cryptographic software and firmware that are stored on the cryptographic module and shall provide a description of the protection mechanisms used to prevent unauthorized disclosure and modification.

Assessment:

AS.06.08 A cryptographic mechanism using an Approved integrity technique (e.g., an Approved message authentication code or digital signature algorithm) shall be applied to all cryptographic software and firmware components within the cryptographic module.

Assessment:

VE.06.08.01

VE.06.08.01 The vendor shall provide documentation that identifies the technique used to maintain the integrity of the cryptographic software and firmware components.