Security Target
Version 1.1
2022-03-08
13
2.4.1
Security Audit
The TOE generates audit records for the authorized administrator actions. Each audit record records a
standard set of information such as date and time of the event, type of event, and the outcome (success
or failure) of the event.
2.4.2
User Data Protection
The TOE controls and isolates information flowing between the peripheral device interfaces and a
computer interface. The peripheral devices supported include USB keyboard; USB mouse; audio output;
and (depending on device type) DisplayPort, DVI-I, or HDMI video. Some TOE models accept DisplayPort
signals at the computer interface and internally convert the signals to HDMI signals and then convert back
to DisplayPort for output to the console interface.
The TOE authorizes peripheral device connections with the TOE console ports based on the peripheral
device type.
The TOE ensures that any previous information content of a resource is made unavailable upon the
deallocation of the resource from a TOE computer interface immediately after the TOE switches to
another selected computer and on start-up of the TOE.
The TOE provides a Reset to Factory Default function allowing authenticated authorized Administrators
to remove all settings previously configured by the Administrator (such as USB device whitelist/blacklist).
Once the Reset to Factory Default function has been completed, the Secure KVM will terminate the
Administrator Logon mode, purge keyboard/mouse buffer, and power cycle the Secure KVM
automatically.
2.4.3
Identification and Authentication
The TOE provides an identification and authentication function for the administrative user to perform
administrative functions such as configuring the keyboard/mouse device filtering blacklist. The
authorized administrator must logon by providing a valid password.
2.4.4
Security Management
The management functions are restricted to the authorized administrator and allow the TOE to be
configured to reject specific USB keyboard/mouse devices using CDF blacklist parameters. Additionally,
the TOE provides security management functions to Reset to Factory Default and to change the
administrator password.
2.4.5
Protection of the TSF
The TOE runs a suite of self-tests during initial startup and after activating the reset button that includes
a test of the basic TOE hardware and firmware integrity; a test of the basic computer-to-computer
isolation; and a test of critical security functions (i.e., user control and anti-tampering). The TOE provides
users with the capability to verify the integrity of the TSF and the TSF functionality.
The TOE resists physical attacks on the main TOE enclosure as well as the RPS enclosure for the purpose
of gaining access to the internal components or to damage the anti-tampering battery by becoming