manualshive.com logo in svg

Belkin F1DN102C, User Manual

The Belkin F1DN102C user manual can be easily downloaded for free from our website. This manual provides detailed instructions on how to set up and use your Belkin F1DN102C product effectively. Ensure a seamless experience with your device by accessing the manual now.

Share
Download
background image

Belkin®

 

Secure

 

DVI

 

KVM

 

Switch,

 

Secure

 

KM

 

Switch

 

and

  

Secure

 

Windowing

 

KVM

 

EAL

 

4

 

augmented

 

ALC_FLR.3

 

Security

 

Target

 

Rev.

 

1.01

 

 

Page

 

|

 

34

  

 

selection

 

methods

 

are

 

used

 

by

 

most

 

(if

 

not

 

all)

 

current

 

market

 

products.

 

Automatic

 

switching

 

based

 

on

 

scanning

 

shall

 

not

 

be

 

used

 

as

 

a

 

selection

 

mechanism.

  

T.PERIP

 

A

 

USER

 

may

 

connect

 

to

 

the

 

TOE

 

a

 

qualified

 

PERIPHERAL

 

DEVICE

 

that

 

has

 

a

 

security

 

vulnerability

 

which

 

allows

 

the

 

transfer

 

of

 

USER

 

or

 

NETWORK

 

information

 

through

 

the

 

coupled

 

TOE,

 

thereby

 

violating

 

the

 

confidentiality

 

of

 

information.

 

O.ROM

 

TOE

 

software/firmware

 

shall

 

be

 

protected

 

against

 

unauthorized

 

modification.

 

Embedded

 

software

 

must

 

be

 

contained

 

in

 

mask

programmed

 

or

 

one

time

programmable

 

read

only

 

memory

 

or

 

fuse

 

protected

 

flash

 

permanently

 

attached

 

(non

socketed)

 

to

 

a

 

circuit

 

assembly.

 

 

O.UNIDIR

 

The

 

TOE

 

circuitry

 

shall

 

assure

 

that

 

USER

 

KEYBOARD,

 

USER

 

POINTING

 

DEVICE

 

and

 

EDID

 

data

 

will

 

flow

 

only

 

from

 

PERIPHERAL

 

DEVICES

 

to

 

the

 

SWITCHED

 

COUPLED

 

COMPUTER.

 

O.ROM

  

This

 

Objective

 

assures

 

that

 

TOE

 

software/firmware

 

will

 

be

 

protected

 

against

 

unauthorized

 

modification

 

by

 

ensuring

 

that

 

embedded

 

software

 

is

 

contained

 

in

 

read

only

 

memory.

   

This

 

ensures

 

that

 

any

 

ROM

 

used

 

in

 

the

 

TSF

 

to

 

hold

 

embedded

 

TSF

 

data

 

may

 

not

 

be

 

re

programmed.

 

O.UNIDIR

 

This

 

objective

 

will

 

ensure

 

that

 

console

 

KEYBOARD

 

and

 

POINTING

 

DEVICE

 

data

 

will

 

only

 

flow

 

through

 

the

 

TOE

 

in

 

one

 

direction

 

from

 

PERIPHERAL

 

DEVICES

 

to

 

the

 

SWITCHED

 

COUPLED

 

COMPUTER,

 

thereby

 

preventing

 

data

 

transfer

 

from

 

connected

 

COMPUTERS

 

or

 

NETWORKS

 

to

 

peripheral

 

devices.

 

T.TRANSFER

  

A

 

CONNECTION,

 

via

 

the

 

TOE,

 

between

 

COMPUTERS

 

may

 

allow

 

information

 

transfer.

  

O.CONF

  

The

 

TOE

 

shall

 

not

 

violate

 

the

 

confidentiality

 

of

 

information,

 

which

 

it

 

processes.

 

Information

 

generated

 

within

 

any

 

PERIPHERAL

 

GROUPCOMPUTER

 

CONNECTION

 

shall

 

not

 

be

 

accessible

 

by

 

any

 

other

 

PERIPHERAL

 

GROUP

COMPUTER

 

CONNECTION.

  

 

 

O.CONF

  

If

 

the

 

PERIPHERALS

 

can

 

be

 

CONNECTED

 

to

 

more

 

than

 

one

 

COMPUTER

 

at

 

any

 

given

 

instant,

 

then

 

a

 

channel

 

may

 

exist

 

which

 

would

 

allow

 

transfer

 

of

 

information

 

from

 

one

 

to

 

the

 

other.

 

This

 

is

 

particularly

 

important

 

for

 

DEVICES

 

with

 

bi

directional

 

communications

 

channels

 

such

 

as

 

KEYBOARD

 

and

 

POINTING

 

DEVICES.

 

Since

 

many

 

PERIPHERALS

 

now

 

have

 

Summary of Contents for F1DN102C

Page 1: ...ugmented ALC_FLR 3 Security Target Rev 1 01 Page 1 Belkin Secure DVI KVM Switch Secure KM Switch and Secure Windowing KVM EAL 4 augmented ALC_FLR 3 Security Target Release Date July 16 2012 Document I...

Page 2: ...ogical Scope of the TOE 16 1 4 Organization 17 1 5 Document Conventions 18 1 6 Document Terminology 18 1 6 1 ST Specific Terminology 18 1 6 2 Acronyms 22 2 Conformance Claims 23 2 1 Common Criteria Co...

Page 3: ...Requirements 42 6 Security Requirements 43 6 1 Security Functional Requirements for the TOE 43 6 1 1 Class FDP User Data Protection 44 6 1 2 Class FMT Security Management 47 6 1 3 Class FPT Protectio...

Page 4: ...witch Secure KM Switch and Secure Windowing KVM EAL 4 augmented ALC_FLR 3 Security Target Rev 1 01 Page 4 Document Revisions Rev Date Author Changes 1 01 July 16 2012 Carlos Del Toro Belkin Changed pr...

Page 5: ...ions provided by the Target of Evaluation TOE that meet the set of requirements in Chapter 6 TOE Summary Specification The structure and content of this ST complies with the requirements specified in...

Page 6: ...I KVM Switch w audio and CAC Model F1DN116C Ver 111111 Or Belkin Secure 4 port KM Switch w audio Model F1DN104K Ver 111111 Or Belkin Secure 8 port KM Switch w audio Model F1DN108K Ver 111111 Or Belkin...

Page 7: ...tems such as Windows or Linux and have ports for USB keyboard USB mouse DVI I video DVI D video audio input and output and USB Common Access Card CAC or Smart Card reader The TOE is intended to be use...

Page 8: ...that modern Secure KVM devices do not allow any electrical interface peripheral sharing in order to prevent certain attacks and therefore they are no longer simple switching devices Figure 1 Typical e...

Page 9: ...er Unit DCU accessory and The accompanying User Guidance Updated User Guidance can be downloaded from the http www belkin com website at any time The evaluated TOE configuration does not include any p...

Page 10: ...KM Switch and Secure Windowing KVM EAL 4 augmented ALC_FLR 3 Security Target Rev 1 01 Page 10 1 3 3 Evaluated Environment This table identifies hardware components and indicates whether or not each co...

Page 11: ...w audio Model F1DN102F Or Belkin Secure 4 port DVI I KVM Switch w audio Model F1DN104B Or Belkin Secure 4 port DVI I KVM Switch w audio and CAC Model F1DN104G Or Belkin Secure 8 port DVI I KVM Switch...

Page 12: ...ed ALC_FLR 3 Security Target Rev 1 01 Page 12 TOE Or Belkin Secure 4 port KM Switch w audio Model F1DN104K Or Belkin Secure 8 port KM Switch w audio Model F1DN108K Or Belkin Secure 4 port Windowing KV...

Page 13: ...Lenovo keyboard SK 8825 L Shared Peripheral Port Group Member Environment USB User Authentication Device compatible with Precise 200 MC SCM SCR 335 Gemalto PC USB TR Belkin F1DN005U Shared Peripheral...

Page 14: ...Audio black shielded 6 ft 180 cm F2E4141B10D D RT Belkin P N F2E4141B10DD RT Belkin Pro Series DVI D Dual Link M to M Cable shielded 10 ft 300 cm CWR05114 Belkin RJ 14 to RJ 14 DCU cable unshielded 6...

Page 15: ...or DP monitor output support Operational Environmen t Host Computer resources Table 1 Evaluated TOE and Environment Components 1 3 4 Guidance Documents The following guidance documents are provided w...

Page 16: ...onnected computers to be powered up at any time The white LEDs with colored light pipes in the TOE front panel called color chips indicate the selected computer channel The TOE provides the user with...

Page 17: ...elevant terminology The introduction also provides a description of the TOE security functions as well as the physical and logical boundaries for the TOE the hardware and software that make up the TOE...

Page 18: ...1 5 Document Conventions The CC defines four operations on security functional requirements The descriptions below define the conventions used in this ST to identify these operations When NIAP interpr...

Page 19: ...the essential COMPUTER that is capable of providing INPUT to the essential COMPUTER or of receiving OUTPUT or both The term PERIPHERAL is sometimes used as a synonym for device or any INPUT OUTPUT uni...

Page 20: ...ice that allows a single keyboard video monitor and mouse to be switched to any of a number of computers while the user can interact with multiple video outputs presented simultaneously on a single di...

Page 21: ...e a mouse trackball joystick and touchpad Port An external socket for plugging in communications lines and or PERIPHERALS QUALIFIED USB device A USB device having a complete set of characteristics tha...

Page 22: ...y Erasable Programmed Read Only Memory ID Identification IT Information Technology KVM Keyboard Video Mouse LCD Liquid Crystal Display LED Light Emitting Diode MAC Mandatory Access Control PSS Periphe...

Page 23: ...tion Technology Security Evaluation Part 3 Security Assurance components conformant at EAL4 ALC_FLR 3 Version 3 1 Revision 3 dated July 2009 4 All International interpretations with effective dates on...

Page 24: ...erred by the TOE USERS are AUTHORIZED USERS A MANAGE The TOE is installed and managed in accordance with the manufacturer s directions A NOEVIL The AUTHORIZED USER is non hostile and follows all usage...

Page 25: ...and subsequent compromise of the data flowing through the TOE or the NETWORKS connected to its coupled COMPUTERS T SPOOF Via intentional or unintentional actions a USER may think the set of SHARED PER...

Page 26: ...hreats addressed by the IT Operating Environment The Protection Profile claimed identifies no threats to the assets against which specific protection within the TOE environment is required 3 3 Organiz...

Page 27: ...selected O ROM TOE software firmware shall be protected against unauthorized modification Embedded software must be contained in mask programmed or one time programmable read only memory or fuse prote...

Page 28: ...age 28 and EDID data will flow only from PERIPHERAL DEVICES to the SWITCHED COUPLED COMPUTER O TAMPER The TOE Device provides unambiguous detection of physical tampering of the TSF s devices or TSF s...

Page 29: ...nt by technical means Environment Security Objective Definition OE ACCESS The AUTHORIZED USER shall possess the necessary privileges to access the information transferred by the TOE USERS are AUTHORIZ...

Page 30: ...t least one security objective for the TOE and that those security objectives counter the threats enforce the policies and uphold the assumptions Threats Policies Assumptions O CONF O INDICATE O ROM O...

Page 31: ...TOE Console USB port Once such a device is detected any information from it will be ignored and will not be coupled to the connected COMPUTERs This objective will be valid for the TOE KEYBOARD POINTIN...

Page 32: ...OG The TSF may be modified by an attacker such that code embedded in reprogrammable ROMs is overwritten thus leading to a compromise of the separation enforcing components of the code and subsequent c...

Page 33: ...mbedded software must be contained in mask programmed fuse protected flash or one time programmable read only memory permanently attached non socketed to a circuit assembly O USBDETECT This objective...

Page 34: ...that TOE software firmware will be protected against unauthorized modification by ensuring that embedded software is contained in read only memory This ensures that any ROM used in the TSF to hold emb...

Page 35: ...g multiple COMPUTERS Information transferred to from one SWITCHED COMPUTER is not to be shared with any other COMPUTER O SWITCH The purpose of the TOE is to share a set of PERIPHERALS among multiple C...

Page 36: ...COUPLED COMPUTER thereby preventing data transfer from connected COMPUTERS or NETWORKS to peripheral devices O TAMPER Tampering of the TOE may cause data to be transferred between COMPUTERS Detection...

Page 37: ...ed and managed in accordance with the manufacturer s directions Restates the assumption A NOEVIL The AUTHORIZED USER is non hostile and follows all usage guidance OE NOEVIL The AUTHORIZED USER shall b...

Page 38: ...DVI KVM Switch Secure KM Switch and Secure Windowing KVM EAL 4 augmented ALC_FLR 3 Security Target Rev 1 01 Page 38 4 4 Rationale for Organizational Policy Coverage There are no Organizational Policie...

Page 39: ...xtended Visual indications Visual confirmation provides the user with important information regarding the current connection made through the TOE This allows the user to confirm that the data is being...

Page 40: ...the TOE and the coupled COMPUTERS from inadvertent connection of an UNAUTHORIZED USB device 5 2 1 Invalid USB Connection EXT_IUC Family Behavior This family defines requirements for providing a means...

Page 41: ...firmware may not be changed after TOE production All non volatile memory devices used must be soldered directly to the board not attached with a socket Family Behavior This family defines the read onl...

Page 42: ...KM Switch and Secure Windowing KVM EAL 4 augmented ALC_FLR 3 Security Target Rev 1 01 Page 42 5 4 Rationale for Explicitly Stated Security Requirements The Explicit SFRs in this Security Target are f...

Page 43: ...llowing subsections 6 1 Security Functional Requirements for the TOE The security requirements that are levied on the TOE are specified in this section of the ST The TOE satisfies the SFRs delineated...

Page 44: ...aration Hierarchical to No other components Dependencies FDP_IFF 1a Simple security attributes FDP_IFC 1 1a The TSF shall enforce the Data Separation SFP on the set of PERIPHERAL PORT GROUPS and the b...

Page 45: ...information via a controlled operation if the following rules hold Switching Rule KEYBOARD PERIPHERAL DATA and POINTING DEVICE PERIPHERAL DATA can flow to a PERIPHERAL PORT GROUP with a given ID only...

Page 46: ...formation via a controlled operation if the following rules hold Unidirectional flow Rule KEYBOARD PERIPHERAL DATA POINTING DEVICE PERIPHERAL DATA and EDID PERIPHERAL DATA can flow only from the PERIP...

Page 47: ...DP_ITC 1 3 The TSF shall enforce the following rules when importing user data controlled under the SFP from outside the TOE No additional rules 6 1 2 Class FMT Security Management 6 1 2 1 FMT_MSA 1 Ma...

Page 48: ...ive initial values to override the default values when an object or information is created 6 1 3 Class FPT Protection of the TSF 6 1 3 1 FPT_PHP 1 Passive detection of physical attack Hierarchical to...

Page 49: ...provided that is persistent for the duration of the CONNECTION Application Note Does not require tactile indicators but does not preclude their presence EXT_IUC 1 Invalid USB Connection Hierarchical...

Page 50: ...unctional Requirements to Security Objectives and describes the applicable rationale based on direct reference from the claimed Protection Profile 6 3 1 TOE Security Functional Requirements Tracing Ra...

Page 51: ...R data consists of HUMAN INTERFACE DEVICE control information Also included is configuration information such as KEYBOARD settings that must be reestablished each time the TOE switches between COMPUTE...

Page 52: ...keyboard pointing device and EDID chip to a CONNECTED COMPUTER Unidirectional peripheral data flow is critical to assure that data confidentiality is maintained as it prevents data from entering the...

Page 53: ...ry selection methods are used by most if not all current market products Automatic switching based on scanning shall not be used as a selection mechanism FMT_MSA 1 Management of Security Attributes FM...

Page 54: ...an invalid USB connection the TOE will disable the connection and notify the user O UNIDIR TOE circuitry shall assure that USER KEYBOARD USER POINTING DEVICE and EDID data will flow only from PERIPHE...

Page 55: ...ormal functionality after such an event FPT_PHP 1 Passive detection of physical attack FPT_PHP 3 Automatic response upon detection of physical attack FPT_PHP 1 The TOE is required to provide unambiguo...

Page 56: ...FDP_IFC 1b FDP_IFF 1b Simple security attributes Yes FDP_IFC 1a Subset information flow control Yes FDP_IFF 1a FMT_MSA 3 Static attribute initialization Yes FDP_IFC 1b Subset information flow control...

Page 57: ...1 Specification of management functions The TOE is not required to associate USERS with roles hence there is only one role that of USER This deleted requirement a dependency of FMT_MSA 1 and FMT_MSA...

Page 58: ...4 Product support acceptance procedures and automation ALC_CMS 4 Problem tracking CM coverage ALC_DEL 1 Delivery procedures ALC_DVS 1 Identification of security measures ALC_FLR 3 Systematic Flaw Reme...

Page 59: ...ependently assured security The chosen assurance level is consistent with the threat environment where an attacker may be assumed to have an attack potential of Enhanced Basic This has been augmented...

Page 60: ...nce that data confidentiality will be maintained even when targeted attacks are launched against the TOE The TOE design does not mix PERIPHERAL DATA having different IDs or security attributes and the...

Page 61: ...s completed 2 If the TOE anti tampering system was triggered by an enclosure intrusion attempt The TOE will transition to normal TOE operation on default channel one following a passed self test The T...

Page 62: ...state the user is unable to pass any information through the TOE to any COMPUTER and user DISPLAYS are blank Since the TOE becomes unusable the user will require replacement of the TOE This ensures t...

Page 63: ...ttempt to access these memory chips is not possible without causing permanent damage to the TOE Functional Requirements Satisfied EXT_ROM 1 7 6 Audio Output Switching Function Clarification This parag...

Reviews:

No comments

Related manuals for F1DN102C

jablotron UC-230 Quick Start Manual preview
UC-230
Brand: jablotron Pages: 2
ifs POC2502 Series User Manual preview
POC2502 Series
Brand: ifs Pages: 352
D-Link DMS-1250 Series Hardware Installation Manual preview
DMS-1250 Series
Brand: D-Link Pages: 38
BERNSTEIN KFM Operating Instructions preview
KFM
Brand: BERNSTEIN Pages: 3
ORiNG IPS-3082GC-24V Quick Installation Manual preview
IPS-3082GC-24V
Brand: ORiNG Pages: 2
LevelOne Infinity IES-1881 Quick Installation Manual preview
Infinity IES-1881
Brand: LevelOne Pages: 2
E-LINK LNK-IMC208P-SFP Quick Start Manual preview
LNK-IMC208P-SFP
Brand: E-LINK Pages: 6
enbrighten 58433 Manual preview
58433
Brand: enbrighten Pages: 2
Leonton EG2-1600 Series User Manual preview
EG2-1600 Series
Brand: Leonton Pages: 19
Optical Systems OSD2700F SERIES Operator'S Manual preview
OSD2700F SERIES
Brand: Optical Systems Pages: 29
Microsonic zws-7/CD/QS Operating Instructions preview
zws-7/CD/QS
Brand: Microsonic Pages: 2
Ubiquiti EdgeSwitch 8 150W Quick Start Manual preview
EdgeSwitch 8 150W
Brand: Ubiquiti Pages: 28
Zektor HD800-V2 User Manual preview
HD800-V2
Brand: Zektor Pages: 41
Unipoe PM5003GSN User Manual preview
PM5003GSN
Brand: Unipoe Pages: 9
Cabletron Systems ELS10-26TX User Manual preview
ELS10-26TX
Brand: Cabletron Systems Pages: 116
Tripp Lite 0SU70032 Quick Manual preview
0SU70032
Brand: Tripp Lite Pages: 3
Eneo 230033 Quick Installation Manual preview
230033
Brand: Eneo Pages: 19
Transition Networks SM24-1000SFP-AH Installation Manual preview
SM24-1000SFP-AH
Brand: Transition Networks Pages: 76

Brands by name

Popular brands

Load more brands