Microsoft Windows Common Criteria Evaluation Microsoft Windows 10 (Anniversary Update) Microsoft Windows Server 2016



17. FIA_X509_EXT.1.1

The evaluator will ensure the TSS describes where the check of validity of the certificates takes place. The evaluator ensures the TSS also provides a description of the certificate path validation algorithm.

The tests described must be performed in conjunction with the other certificate services assurance activities, including the functions in FIA_X509_EXT.2.1. The tests for the extendedKeyUsage rules are performed in conjunction with the uses that require those rules. The evaluator will create a chain of at least four certificates: the node certificate to be tested, two Intermediate CAs, and the self-signed Root CA.



  • Test 1: The evaluator will demonstrate that validating a certificate without a valid certification path results in the function failing. The evaluator will then load a certificate or certificates as trusted CAs needed to validate the certificate to be used in the function, and demonstrate that the function succeeds. The evaluator shall then delete one of the certificates, and show that the function fails.

  • Test 2: The evaluator will demonstrate that validating an expired certificate results in the function failing.

  • Test 3: The evaluator will test that the OS can properly handle revoked certificates, conditional on whether CRL, OCSP, or OCSP stapling is selected; if multiple methods are selected, then a test shall be performed for each method. The evaluator will test revocation of the node certificate and revocation of the intermediate CA certificate (i.e. the intermediate CA certificate should be revoked by the root CA). The evaluator will ensure that a valid certificate is used, and that the validation function succeeds. The evaluator then attempts the test with a certificate that has been revoked (for each method chosen in the selection) to ensure that the validation function fails when the certificate is no longer valid.

  • Test 4: If either OCSP option is selected, the evaluator will configure the OCSP server or use a man-in-the-middle tool to present a certificate that does not have the OCSP signing purpose and verify that validation of the OCSP response fails. If CRL is selected, the evaluator will configure the CA to sign a CRL with a certificate that does not have the cRLSign key usage bit set, and verify that validation of the CRL fails.

  • Test 5: The evaluator will modify any byte in the first eight bytes of the certificate and demonstrate that the certificate fails to validate. (The certificate should fail to parse correctly.)

  • Test 6: The evaluator will modify any byte in the last byte of the certificate and demonstrate that the certificate fails to validate. (The signature on the certificate should not validate.)

  • Test 7: The evaluator will modify any byte in the public key of the certificate and demonstrate that the certificate fails to validate. (The signature on the certificate should not validate.)
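
The mutated certificates for Tests 5 to 7 can be prepared ahead of time from the DER encoding of the node certificate. The following is an added example, not part of the evaluation document or of any vendor test tooling; the function names and the constructed sample skeleton (whose key and signature are filler bytes) are assumptions made for illustration.

```python
def der(tag, content):  # encode one DER element; only used to build the sample
    n = len(content)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + content

def sample_certificate():  # constructed skeleton: X.509 field order, filler key/signature
    alg = der(0x30, der(0x06, bytes.fromhex("2a864886f70d01010b")) + der(0x05, b""))
    empty = der(0x30, b"")                      # stands in for issuer, validity, subject
    spki = der(0x30, alg + der(0x03, b"\x00" + b"\x11" * 270))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + alg + empty * 3 + spki)
    return der(0x30, tbs + alg + der(0x03, b"\x00" + b"\x22" * 256))

def read_tlv(buf, off):
    """Return (tag, value_start, value_end) of the DER element at off."""
    first = buf[off + 1]
    n = first & 0x7F if first > 0x80 else 0     # long form: n length octets follow
    length = int.from_bytes(buf[off + 2:off + 2 + n], "big") if n else first
    if first == 0x80 or off + 2 + n + length > len(buf):
        raise ValueError("indefinite or truncated DER length")
    return buf[off], off + 2 + n, off + 2 + n + length

def children(buf, start, end):  # (tag, value_start, value_end) per element in the range
    out = []
    while start < end:
        out.append(read_tlv(buf, start))
        start = out[-1][2]
    return out

def locate(cert):
    """Return byte ranges of the public key bits and of the signature bits."""
    tag, start, end = read_tlv(cert, 0)
    tbs, _sig_alg, sig = children(cert, start, end)
    fields = children(cert, tbs[1], tbs[2])
    fields = fields[1:] if fields[0][0] == 0xA0 else fields   # optional [0] version
    _alg, key = children(cert, *fields[5][1:])   # 6th field: subjectPublicKeyInfo
    if (tag, end, key[0], sig[0]) != (0x30, len(cert), 0x03, 0x03):
        raise ValueError("not an X.509 certificate layout")
    return (key[1] + 1, key[2]), (sig[1] + 1, sig[2])   # +1 skips unused-bits octet

def flip(data, i):
    return data[:i] + bytes([data[i] ^ 0xFF]) + data[i + 1:]

def build_test_vectors(cert):
    """One mutated copy per test; the validation function must reject each."""
    (key_start, key_end), _ = locate(cert)
    return {"test5": flip(cert, 0),                       # outer SEQUENCE tag
            "test6": flip(cert, len(cert) - 1),           # last signature octet
            "test7": flip(cert, (key_start + key_end) // 2)}  # inside the key bits
```

For an actual run, pass the DER bytes of the node certificate to `build_test_vectors` and present each result to the validation function under test, after confirming that the unmodified certificate validates.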
18. FIA_X509_EXT.1.2

The tests described must be performed in conjunction with the other certificate services assurance activities, including the functions in FIA_X509_EXT.2.1. The evaluator will create a chain of at least four certificates: the node certificate to be tested, two Intermediate CAs, and the self-signed Root CA.

  • Test 1: The evaluator will construct a certificate path, such that the certificate of the CA issuing the OS's certificate does not contain the basicConstraints extension. The validation of the certificate path fails.

  • Test 2: The evaluator will construct a certificate path, such that the certificate of the CA issuing the OS's certificate has the CA flag in the basicConstraints extension not set. The validation of the certificate path fails.

  • Test 3: The evaluator will construct a certificate path, such that the certificate of the CA issuing the OS's certificate has the CA flag in the basicConstraints extension set to TRUE. The validation of the certificate path succeeds.

18.1.1.1.1 X.509 Certificate Authentication (FIA_X509_EXT.2)

The evaluator will acquire or develop an application that uses the OS TLS mechanism with an X.509v3 certificate. The evaluator will then run the application and ensure that the provided certificate is used to authenticate the connection.

The evaluator will repeat the activity for any other selections listed.

18.1.1.2 Security Management (FMT)

18.1.1.2.1 Management of Security Functions Behavior (FMT_MOF_EXT.1)

The evaluator will verify that every management function captured in the ST is described in the operational guidance and that the description contains the information required to perform the management duties associated with the management function. The evaluator will test the operating system's ability to provide the management functions by configuring the operating system and testing each option selected from above. The evaluator is expected to test these functions in all the ways in which the ST and guidance documentation state the configuration can be managed.

18.1.1.3 Protection of the TSF (FPT)

18.1.1.3.1 Access Controls (FPT_ACF_EXT.1)


19. FPT_ACF_EXT.1.1

The evaluator will confirm that the TSS specifies the locations of kernel drivers/modules, security audit logs, shared libraries, system executables, and system configuration files. Every file does not need to be individually identified, but the system's conventions for storing and protecting such files must be specified. The evaluator will create an unprivileged user account. Using this account, the evaluator will ensure that the following tests result in a negative outcome (i.e., the action results in the OS denying the evaluator permission to complete the action):

  • Test 1: The evaluator will attempt to modify all kernel drivers and modules.

  • Test 2: The evaluator will attempt to modify all security audit logs generated by the logging subsystem.

  • Test 3: The evaluator will attempt to modify all shared libraries that are used throughout the system.

  • Test 4: The evaluator will attempt to modify all system executables.

  • Test 5: The evaluator will attempt to modify all system configuration files.

  • Test 6: The evaluator will attempt to modify any additional components selected.
