SecureVue v3.2.2.5 FIPS 140-2 | Page 16
5. OPERATIONAL ENVIRONMENT
SecureVue v3.2.2.5 is a software application suite (see section 2) that can be
installed on systems running on Windows 2008 when configured in its Common
Criteria (CC) evaluated configuration which is compliant with the Controlled Access
Protection Profile (CAPP) version 1.d. The Windows 2008 evaluated configuration of
these operating systems is at Evaluation Assurance Level (EAL) 4 and augmented
with the following additional assurances:
Systematic Flaw Remediation
(ALC_FLR.3) and Highly Resistant (AVA_VLA.4).
The Windows 2008 evaluated
configuration of these operating systems is at Evaluation Assurance Level (EAL) 4
and augmented with the following additional assurances:
Systematic Flaw
Remediation (ALC_FLR.3) and Moderately Resistant (AVA_VLA.3)
The operating system, hereafter referred to as OS, is responsible for multitasking
operations so that other processes cannot intervene when the application is active
at a particular instance in time. This ensures that multiple processes do not clash or
overwrite into the data/object-space used or is being referred to by a different
process. This assumes greater significance because not only should the data be
secure all the time, the integrity of the data should also be guaranteed.
Cryptographic module relies on the OS for ensuring the data integrity when the
same piece of data is accessed by multiple processes concurrently. The OS also
provides authentication, access control using Discretional Access Control List
(DACL), and auditing mechanism. The links to the validation report and security
target for the CAPP-compliant OS are provided below:
Validation Report (Windows 2008)
http://www.niap-ccevs.org/st/st_vid10291-vr.pdf
Security Target (Windows 2008)
http://www.niap-ccevs.org/st/st_vid10291-st.pdf