[Zope3-checkins] SVN: Zope3/trunk/doc/security/SecurityTarget.tex
latex tweaks
Christian Zagrodnick
cz at gocept.com
Fri Apr 22 11:01:46 EDT 2005
Log message for revision 30105:
latex tweaks
Changed:
U Zope3/trunk/doc/security/SecurityTarget.tex
-=-
Modified: Zope3/trunk/doc/security/SecurityTarget.tex
===================================================================
--- Zope3/trunk/doc/security/SecurityTarget.tex 2005-04-22 10:59:36 UTC (rev 30104)
+++ Zope3/trunk/doc/security/SecurityTarget.tex 2005-04-22 15:01:46 UTC (rev 30105)
@@ -888,22 +888,14 @@
\usecounter{listcnt3}
\setlength{\rightmargin}{\leftmargin}
}
-\item {}
+\item
Date and time of the event, type of event, subject identity,
and the outcome (success or failure) of the event; and
-\item {} \begin{description}
-%[visit_definition_list_item]
-\item[For each audit event type, based on auditable event definitions]
-%[visit_definition]
-
+\item \textbf{For each audit event type, based on auditable event definitions}
of the functional components included in the ST,
\emph{{[}assignment: the ID of the corresponding interaction]}
-%[depart_definition]
-%[depart_definition_list_item]
-\end{description}
-
\end{list}
%[depart_definition]
@@ -1501,10 +1493,10 @@
\minisec{FMT{\_}MSA.1 Management of security attributes}
\begin{description}
\item[FMT{\_}MSA.1.1.grants]
- The TSF shall enforce the \emph{\[formal security policy\]} to restrict the
- ability to \emph{\[query, modify, delete, and add\]} the security
- attributes \emph{\[permission grants and denials\]} to \emph{\[authorized
- grantors\]}.
+ The TSF shall enforce the \emph{{[}formal security policy]} to restrict the
+ ability to \emph{{[}query, modify, delete, and add]} the security
+ attributes \emph{{[}permission grants and denials]} to \emph{{[}authorized
+ grantors]}.
\item[FMT{\_}MSA.1.2.loginname]
The TSF shall enforce the \emph{{[}formal security policy]} to restrict the
@@ -1513,10 +1505,10 @@
authorized to modify their own authentication data]}.
\item[FMT{\_}MSA.1.3.password]
- The TSF shall enforce the \emph{\[formal security policy\]} to restrict
- the ability to \emph{\[modify\]} the security attribute
- \emph{\[password\]} to \emph{\[authorized administrators and users authorized to
- modify their own authentication data\]}.
+ The TSF shall enforce the \emph{{[}formal security policy]} to restrict
+ the ability to \emph{{[}modify]} the security attribute
+ \emph{{[}password]} to \emph{{[}authorized administrators and users authorized to
+ modify their own authentication data]}.
\end{description}
@@ -1725,7 +1717,7 @@
The following TOE assurance requirements drawn from CC Part 3 are valid:
-\begin{longtable}[c]{lp{6cm}l}
+\begin{longtable}[c]{lp{7cm}p{3cm}}
\toprule
Identification & Description & Direct dependencies\\
\midrule \endhead
@@ -1772,8 +1764,8 @@
\item The ZODB storage is FileStorage or FileStorage through a ZEO server.
- \item The client software must support ``protected authentication feedback''
- (FIA{\_}UAU.7), to at least not echo a user's credentials in plain text.
+ \item The client software must support ``protected authentication feedback'',
+ to at least not echo a user's credentials in plain text (FIA{\_}UAU.7).
\item The TOE can only be accessed through a ``trusted path'' using secure
proxies, such as an HTTPS proxy like Apache with SSL, or Pound. Users are
@@ -2127,7 +2119,7 @@
\item[OE.Network:] This security objective covers the assumptions
\textbf{A.Network} because it asserts that all
- network connections which are not related to the TOE are secure in way not
+ network !(!5
compromising the integrity.
\item[OE.Client:] This security objective covers the assumption
@@ -2146,12 +2138,10 @@
\section{Security requirements rationale}
-\begin{table}
- \scriptsize
- \begin{tabular}{rRRRRRRRR}
+\begin{longtable}{rRRRRRRRR}
\toprule
& O.IA & O.Delegation & O.Audit & O.Protect & O.Access & O.Integrity & O.Attributes & O.ManageRisk \\
- \midrule
+ \midrule\endhead
FAU\_GEN.1 & & & \oh & & & & & \\
FAU\_GEN.2 & & & \oh & & & & & \\
@@ -2178,18 +2168,15 @@
FPT\_SEP.1 & & & & \oh & & & & \oh \\
FPT\_STM.1 & & & \oh & & & & & \\
\bottomrule
- % XXX \caption{Mapping of Security Objectives to Security Functional Requirements}
- \end{tabular}
-\end{table}
+ \caption{Mapping of Security Objectives to Security Functional Requirements}
+\end{longtable}
\subsection{SFR Component dependency analysis}
-\begin{table}
- \scriptsize
- \begin{tabular}{rl}
+\begin{longtable}{rp{8cm}}
\toprule
SFR & Depends on \\
- \midrule
+ \midrule\endhead
FAU\_GEN.1 & FPT\_STM.1 \\
FAU\_GEN.2 & FAU\_GEN.1, FIA\_UID.1 \\
FDP\_ACC.2 & FDP\_ACF.1 \\
@@ -2215,9 +2202,8 @@
FPT\_SEP.1 & -- \\
FPT\_STM.1 & -- \\
\bottomrule
-% XXX \caption{SFR Dependency Analysis}
-\end{tabular}
-\end{table}
+ \caption{SFR Dependency Analysis}
+\end{longtable}
All dependencies required by the chosen SFRs are covered. See table XXX.
@@ -2232,7 +2218,7 @@
\item[Asking for and validating a user's credentials:]
The TOE holds information to uniquely identify a principal and its
- required credentials. (FIA\_ATD.1)
+ required credentials (FIA\_ATD.1).
The TOE presents the user with a prompt to supply his credentials
if an operation requires an identified and authenticated principal (FIA\_UAU.1, FIA\_UID.1)
@@ -2388,12 +2374,10 @@
\subsection{Security Functions Rationale}
-\begin{table}
- \scriptsize
- \begin{tabular}{rRRRRRRRRRR}
+\begin{longtable}{rRRRRRRRRRR}
\toprule
& Protection & Authentication & Authorization & Auditing & Configuration & Transaction management & Undo & Publication/Server & Automated Tests & Python Environment \\
- \midrule
+ \midrule\endhead
FAU\_GEN.1 & & & & \oh & & & & & & \\
FAU\_GEN.2 & & & & \oh & & & & & & \\
FDP\_ACC.2 & \oh & & & & & & & \oh & & \\
@@ -2420,10 +2404,10 @@
FPT\_SEP.1 & \oh & & & & & & & & & \\
FPT\_STM.1 & & & & & & & & & & \oh \\
\bottomrule
- % XXX \caption{Security Functions Rationale}
- \end{tabular}
-\end{table}
+ \caption{Security Functions Rationale} % XXX
+\end{longtable}
+
\subsubsection{Suitability of SF to meet the SFRs}
\minisec{FDP\_ACC.2 --- Complete Access Control}
@@ -2455,7 +2439,7 @@
\textbf{Publication} subsystem.
\minisec{FDP\_ROL.1\_UNDO --- Basic Rollback}
-
+(FIA{\_}UAU.7),
The \textbf{Undo} subsystem covers undoing old transactions in a secure and
consistent manner. Old transactions that are not to be undone consistently
are not allowed to be undone.
More information about the Zope3-Checkins
mailing list