Security Target
Version 1.1
2022-03-08
35
The logs are stored on EEPROM on the KVM PCBoard component of the TOE. The logs can be extracted
by the authorized administrator by entering Administrator Logon mode, logging on, and then issuing the
command [LIST]. The TOE extracts the log data and displays them using the text editor. The administrator
can view the logs but cannot erase or delete any of the information. The TOE stores the critical event logs
only for the most recent occurrence of events. The TOE stores a maximum of thirty-two critical events.
The logging feature can accommodate a maximum of thirty-two non-critical audit events. A new non-
critical log entry will overwrite the oldest one (for example, the thirty-third log entry will overwrite the
first log).
6.2
User Data Protection
The TOE enforces data isolation and the User Data Protection SFP on TOE computer interfaces and TOE
peripheral device interfaces by controlling the data flow and user data transiting the TOE.
The TOE supports the following types of devices: USB Keyboard and Mouse, analog audio speakers, USB
smart card / CAC readers,
and depending on model, DisplayPort, HDMI or DVI-I display. All other devices
are rejected. The TOE accepts DisplayPort signals at the computer interface, internally converts it to HDMI
and then converts the signals back to DisplayPort for output to the console interface. Refer to the two
interface tables in Section 2.2 for details on TOE computer peripherals and connected computer port
interfaces for each specific TOE model.
The TOE ensures that any previous information content of a resource is made unavailable upon the
deallocation of the resource from the TOE computer interfaces immediately after a TOE switch to another
selected computer and on start-up of the TOE.
The Appendix A Letter of Volatility in Appendix A provides assurance that no user data remains in the TOE
after power down.
6.2.1
FDP_AFL_EXT.1
–
Audio Filtration
The TOE’s audio function implementation filters the audio passing through the TOE
in accordance with
Table 8: Audio Filtration Specifications above.
6.2.2
FDP_APC_EXT.1 (All Iterations); FDP_UDF_EXT.1/AO
–
Unidirectional Data Flow
(Audio Output); FDP_UDF_EXT.1/KM
–
Unidirectional Data Flow (Keyboard/Mouse);
FDP_UAI_EXT.1 User Authentication Isolation; FDP_UDF_EXT.1/VI
–
Unidirectional Data
Flow (Video Output);
The TOE routes audio and video data only from the selected computer to the attached peripherals and
routes the keyboard and mouse data only to the selected computer from the attached peripherals. User
authentication data transits the TOE in both directions.
Each supported peripheral (i.e. video signals, USB authentication device and input data (i.e. HID data)) has
its own dedicated data path implemented in circuitry. This ensures the data is isolated and only routed in
the correct direction.
When the read/write transactions are finished, the micro-controller disables the EDID switch. This ensures
there will be no unauthorized data flow from the monitor to a connected computer.
