Belkin®
Secure
DVI
KVM
Switch,
Secure
KM
Switch
and
Secure
Windowing
KVM
EAL
4
augmented
ALC_FLR.3
Security
Target
Rev.
1.01
Page
|
31
4.3.1
TOE
Security
Objectives
Rationale
Threats,
Policies,
and
Assumptions
Summary
Objectives
and
rationale
T.INVALIDUSB
The
AUTHORIZED
USER
will
connect
UNAUTHORIZED
USB
devices
to
the
peripheral
switch.
O.USBDETECT
This
objective
will
ensure
detection
of
the
connection
of
an
UNAUTHORIZED
USB
device
to
the
TOE
Console
USB
port.
Information
from
this
port
would
be
ignored
and
not
be
passed
on
to
a
connected
computer.
Invalid
connections
are
recognized
on
the
keyboard,
pointing
device,
and
User
Authentication
device.
O.UNIDIR
This
objective
will
ensure
that
console
KEYBOARD
and
POINTING
DEVICE
data
will
only
flow
through
the
TOE
in
one
direction
from
PERIPHERAL
DEVICES
to
the
SWITCHED
COUPLED
COMPUTER.
O.USBDETECT
This
objective
will
detect
the
UNAUTHORIZED
device
connection
to
the
TOE
Console
USB
port.
Once
such
a
device
is
detected,
any
information
from
it
will
be
ignored
and
will
not
be
coupled
to
the
connected
COMPUTERs.
This
objective
will
be
valid
for
the
TOE
KEYBOARD,
POINTING
DEVICE,
and
User
Authentication
device.
Connection
of
an
invalid
USB
device
to
an
USB
hub
or
as
part
of
a
composite
device
will
result
in
the
TOE
ignoring
the
information
from
that
device
and
the
device
will
be
isolated
from
the
coupled
COMPUTERs.
O.UNIDIR
This
objective
prevents
a
connected
mass
storage
device
from
infecting
a
COUPLED
COMPUTER
with
malicious
code
or
from
exporting
user
data.
T.RESIDUAL
RESIDUAL
DATA
may
be
transferred
between
PERIPHERAL
PORT
GROUPS
with
different
IDs
O.CONF
The
TOE
shall
not
violate
the
confidentiality
of
information,
which
it
processes.
Information
generated
within
any
PERIPHERAL
GROUP
COMPUTER
CONNECTION
shall
not
be
accessible
by
any
other
PERIPHERAL
GROUP
with
a
different
O.CONF
:
If
the
PERIPHERALS
can
be
shared
to
more
than
one
COMPUTER
at
any
given
instant,
then
a
channel
may
exist
which
would
allow
transfer
of
information
from
one
to
the
other.
This
is
particularly
