Transcription
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1Security TargetIssue0.18Date2021-03-10HUAWEI TECHNOLOGIES CO., LTD.
Copyright Huawei Technologies Co., Ltd. 2020. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without priorwritten consent of Huawei Technologies Co., Ltd.Trademarks and Permissionsand other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respectiveholders.NoticeThe purchased products, services and features are stipulated by the contract made between Huawei andthe customer. All or part of the products, services and features described in this document may not bewithin the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,information, and recommendations in this document are provided "AS IS" without warranties, guaranteesor representations of any kind, either express or implied.The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute a warranty of any kind, express or implied.Huawei Technologies Co., Ltd.Address:Huawei Industrial BaseBantian, LonggangShenzhen 518129People's Republic of ChinaWebsite:https://e.huawei.comIssue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.i
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security TargetAbout This DocumentAbout This DocumentChange HistoryDateIssueChange DescriptionAuthor2021-03-100.18list the non-TOE softwareWu Yong2021-01-290.17update guidance versionWu Yong,Hu pan2021-01-152020-12-232020-09-230.160.150.14add documentation signature files in1.4.1Wu Yong,Updated the ST reference and someminor issueWu Yong,Updated the ST referenceWu Yong,Hu panHu panHu pan2020-08-11\2020-07-290.130.12Updated the rationale for unsatisfieddependenciesWu Yong,1. Added the reference documentation.Wu Yong,2. Modify the feedbacks in Sector 5.1.3.6Hu panHu pan3. Clarify the dependencies description ofFCS COP.1/SHA256 andFCS COP.1/PBKDF2 in Sector 5.2.24. Update the attributes in 5.1.3.12020-07-170.111. Fixed issues reported on July 10.Wu Yong2020-07-030.101. Added suffix to the product guidancedocumentations.Wu Yong2020-07-010.91. Added the product guidancedocumentation.Wu Yong2. Fixed issues reported on June 30.2020-06-120.81. Added the table title.Wu Yong2. Fixed issues reported on June 5.2020-05-27Issue 0.18 (2021-03-10)0.71. Modified the formats of some sectionsin the document.Copyright Huawei Technologies Co., Ltd.Wu Yongii
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security TargetAbout This DocumentDateIssueChange DescriptionAuthor2020-05-130.61. Added the mapping between securityfeatures and modules in Section 1.4.2.Wu Yong2. Modified the Figure 1-3 Physical TOEboundary.3. Modified the formats of some sectionsin the document.2020-03-180.51. In Section 5.3 and 2, the EAL ismodified to 3 .Hu Pan, WuYong2. Added FCS COP.1/PBKDF2 andFCS COP.1/SHA256 in Table 5-1.3. In Section 5.1, identified correctlyeach operation in the SFRs to avoidmisunderstandings.4. In Section 5.2.2, explained why theFCS COP.1’s dependency is not met,and add KMC platform as a part of NonTOE Software in Section 1.3.3.5. Corrected some typos.2020-03-100.41. In section 2.1, deleted the desciption"extended by security functionalcomponents as defined in chapter 5"Hu Pan, WuYong2. In section 3.4 and 4.3, added thesecurity objective of OE.Hardware.3. In section 5.1, added a paragraph todescribe the format of each operation.4. In section 6, added the securityfunction corresponding toFMT SMF.1/USER and the detaileddescription.5. In section 1.4.1, added the format ofthe reference documents.2020-02-100.31.Modified version to 0.32.Modified objective (O.Manage) toO.SecurityManagement In section 4.3Table1、section 5.2.1 Table1Li Qiang, HuPan, WuYong3.Modified EAL 2 to EAL 3 in section5.4;2019-04-200.2Modified the document according to theinternal review comments.Li Qiang, HuPan, WuYong2019-04-160.1This is the initial draft.Li Qiang, HuPan, WuYongIssue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.ii
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security TargetContentsContentsAbout This Document . ii1 Introduction. 11.1 ST Reference . 11.2 TOE Reference . 11.3 TOE Overview . 11.3.1 TOE Usage and Major Security Features . 21.3.2 TOE type . 21.3.3 Non-TOE Hardware, Software, and Firmware Required by the TOE . 21.4 TOE Description . 41.4.1 Physical Scope . 41.4.2 Logical Scope of the TOE . 61.4.3 Summary of Security Features . 71.4.3.1 Identification and Authentication . 71.4.3.2 Authorization . 71.4.3.3 Access Control . 81.4.3.4 Auditing . 91.4.3.5 Security Management . 92 Conformance Claims . 102.1 CC Conformance Claim. 103 Security Problem Definition . 113.1 Assets . 113.2 Threats . 123.2.1 Threat Components . 123.3 Organizational Security Policies . 123.4 Assumptions. 124 Security Objectives . 144.1 Security Objectives for the TOE . 144.2 Security Objectives for the Operational Environment . 144.3 Security Objective Rationale . 155 Security Requirements for the TOE . 185.1 TOE Security Functional Requirements . 18Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.iv
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security TargetContents5.1.1 Security Audit (FAU) . 205.1.1.1 FAU GEN.1 Audit Data Generation . 205.1.1.2 FAU GEN.2 User Identity Association . 205.1.1.3 FAU SAR.1 Audit Review . 205.1.1.4 FAU SAR.2 Restricted Audit Review . 205.1.1.5 FAU SAR.3 Selectable Audit Review . 215.1.1.6 FAU STG.1 Protected Audit Trail Storage . 215.1.1.7 FAU STG.3 Action in Case of Possible Audit Data Loss . 215.1.1.8 FAU STG.4 Prevention of Audit Data Loss . 215.1.2 User Data Protection (FDP) . 215.1.2.1 FDP ACC.1/LUN Subset Access Control . 215.1.2.2 FDP ACC.1/USER Subset Access Control . 215.1.2.3 FDP ACF.1/LUN Security Attribute Based Access Control . 215.1.2.4 FDP ACF.1/USER Security Attribute Based Access Control . 225.1.3 Identification and Authentication (FIA) . 225.1.3.1 FIA ATD.1/USER User Attribute Definition . 225.1.3.2 FIA ATD.1/LUN User Attribute Definition . 235.1.3.3 FIA UAU.2: User Authentication Before Any Action . 235.1.3.4 FIA UAU.5 Multiple Authentication Mechanisms . 235.1.3.5 FIA UAU.6 Re-authenticating . 235.1.3.6 FIA UAU.7 Protected Authentication Feedback . 235.1.3.7 FIA UID.2 User Identification Before Any Action . 245.1.3.8 FIA USB.1 User-Subject Binding . 245.1.3.9 FIA AFL.1 Authentication Failure Handling . 255.1.4 Security Management (FMT) . 255.1.4.1 FMT MSA.1/LUN Management of Security Attributes . 255.1.4.2 FMT MSA.1/USERa Management of Security Attributes. 255.1.4.3 FMT MSA.1/USERb Management of Security Attributes . 255.1.4.4 FMT MSA.1/USERc Management of Security Attributes. 255.1.4.5 FMT MSA.1/USERd Management of Security Attributes . 255.1.4.6 FMT MSA.3 Management of Security Attributes . 265.1.4.7 FMT MTD.1 Management of TSF Data . 265.1.4.8 FMT SMF.1/LUN Specification of Management Functions. 265.1.4.9 FMT SMF.1/USER Specification of Management Functions . 265.1.4.10 FMT SMR.1 Security Roles . 265.1.4.11 FMT MOF.1 Management of Security Function Behaviour . 275.1.5 Protection of the TSF (FPT) . 275.1.5.1 FPT STM.1 Reliable Timestamps . 275.1.6 TOE Access (FTA) . 275.1.6.1 FTA SSL.3 TSF-initiated Termination . 275.1.6.2 FTA TSE.1 TOE Session Establishment . 275.1.7 Cryptographic Support (FCS) . 28Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.iv
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security TargetContents5.1.7.1 FCS COP.1/SHA256 Cryptographic Operation . 285.1.7.2 FCS COP.1/PBKDF2 Cryptographic Operation . 285.2 Security Functional Requirement Rationale . 285.2.1 Coverage . 285.2.2 Security Requirement Dependency Rationale . 335.3 Security Assurance Requirements. 355.4 Security Assurance Requirement Rationale . 366 TOE Summary Specification . 376.1 Identification and Authentication . 376.2 Authorization . 396.3 Access Control . 406.4 Auditing . 406.5 Security Management . 407 Glossary . 417.1 Abbreviations and Terminology . 417.2 References . 42Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.iv
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security Target1 Introduction1IntroductionThis chapter contains the ST identification, TOE identification, TOE overview, and TOEdescription of Huawei OceanStor Dorado V6 Series Storage System. All of them areconsistent with each other.1.1 ST Reference1.2 TOE Reference1.3 TOE Overview1.4 TOE Description1.1 ST ReferenceTitle: CC Huawei OceanStor Dorado V6 Series Storage System Software 6.0.1 SecurityTargetVersion: 0.18Date: 2021-03-10Developer: Huawei Technologies Co., Ltd.1.2 TOE ReferenceThe TOE is identified as bellow:TOE name: Huawei OceanStor Dorado V6 Series Storage System SoftwareTOE version: 6.0.1Developer: Huawei Technologies Co., Ltd.1.3 TOE OverviewThis section provides the usage and major security features of the TOE, as well as the TOEtype and major non-TOE hardware/software required by the TOE.Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security Target1 Introduction1.3.1 TOE Usage and Major Security Features UsageThe Huawei OceanStor Dorado V6 Series Storage System is a new-generation storagesystem developed by Huawei Technologies Co., Ltd. It is purpose-built for enterpriseclass mission-critical business and equipped with comprehensive SAN features, and isideal for use with databases, virtual desktop infrastructure (VDI), virtual serverinfrastructure (VSI), and SAP HANA. OceanStor Dorado V6 facilitates the transition toall-flash storage for customers in the finance, manufacturing, telecom, and other sectors. TOE major security featuresThe major security features implemented by the TOE are: Identification and authentication Authorization Access control Auditing Security management1.3.2 TOE typeStorage system software1.3.3 Non-TOE Hardware, Software, and Firmware Required bythe TOEThe TOE is a piece of software that provides storage functions to application servers.The TOE is running on the OceanStor Dorado V6 series hardware models, which areOceanStor Dorado 3000 V6, OceanStor Dorado 5300 V6, OceanStor Dorado 5000 V6,OceanStor Dorado 5500 V6, OceanStor Dorado 6000 V6, OceanStor Dorado 5600 V6,OceanStor Dorado 5800 V6, OceanStor Dorado 8000 V6, OceanStor Dorado 6800 V6,OceanStor Dorado 18000 V6, OceanStor Dorado 18500 V6, and OceanStor Dorado 18800V6. More information about the hardware models can be found in the following ype product#allProduct true&col product&path 1462728If not all the hardware types are shown on this page, switch the language into Chinese andthen all the types are included. The TOE is running on the customized Linux operating system(Euler OS V200R008C00) based on kernel 4.19.36. The OS、driver and KMCplatform(version 2.0) are not covered by the TOE, see red frame in Figure 1-4. In addition, thesoftware upgrade tool SmartKit (V2R6C00RC9SPC300 or later) and the software packageintegrity verification tool GnuPG are not parts of the TOE. Figure 1-1 shows the realenvironment for running the TOE.Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security Target1 IntroductionFigure 1-1 Real environment of the TOE Description The external server, application server, PC, and TOE (storage) are connected toeach other by the Ethernet switch. The NIC on the application server has two Ethernet ports. One connects to theTOE's controller A, and the other connects to controller B through optical fibers. The PC must have one port (DB9), and connects to the TOE through a DB9-toRJ45 cable.Application server HardwareRack servers or PCs with at least one 10G/25G NIC Software Windows Server 2016 OS Multipathing software UltraPath 21.06.060 Microsoft iSCSI Software Initiator in Windows Server 2016 JRE (Java Runtime Environment 1.8) Vdbench50407External server HardwareRack servers or PCs with at least one 100M/1G Ethernet port Issue 0.18 (2021-03-10)Software Windows Server 2016 OS OpenLDAP for Windows 2.4.42 NTP server, FTP server, DNS server in Windows Server 2016 OpenSSH v8.0.0.0p1Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security Target 1 IntroductionPCHardware Rack servers or PCs with at least one 100M/1G Ethernet port and one Serial DB9portSoftware Windows 10 OS Brower Google Chrome 64 JRE (Java Runtime Environment 1.8), PuTTY 0.73, WinSCP 5.17, Python2.79, notepad , Postman, FoxmailNote: Please notice that the hardware and software types are not limited to certain types.If only the stated conditions above are fulfilled, the TOE can run on the environmentwith all the functionalities claimed.Figure 1-2 Software environment of the TOEApplication ServerExternal ServerUltraPath softwareApplicationOSOSSANLANStorageStorage systemPCTOEApplicationKMCplatformDriverOSLANOS1.4 TOE Description1.4.1 Physical ScopeFigure 1-3 shows the physical scope and physical boundary of the TOE environment.Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security Target1 IntroductionFigure 1-3 Physical TOE boundaryThe TOE is a 'software only', does not contain hardware. To be exact, the TOE is only part ofthe software, and its boundary will be described in more detail in the next chapter. In addition,the software package, signature file, and the guidance documentation are delivered to thecustomer site by downloading from support website.Table 1-1 Document listTypeDelivery ItemVersionDownload LinkSoftwareOceanStor Dorado V6Software e/en/software/251142570ESW2000213625(including TOE andOS)Softwaresignature fileOceanStor Dorado V6Software 6.0.1.tgz.asc-ProductguidanceOceanStor Dorado V6Series 6.0.1 Error CodeReference.zipV0.1OceanStor Dorado V6Series 6.0.1 Error CodeReference.zip.ascOceanStor Dorado V6Series 6.0.1 0v6-pid22784062?category other&subcategory otherV0.1OceanStor Dorado V6Series 6.0.1 CommandReference.zip.ascIssue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security TargetType1 IntroductionDelivery ItemVersionOceanStor Dorado V6Series 6.0.1 RESTInterface Reference.zipV0.1Download LinkOceanStor Dorado V6Series 6.0.1 RESTInterfaceReference.zip.ascOceanStor Dorado V6Series 6.0.1Administrator Guide.zipV0.1OceanStor Dorado V6Series 6.0.1Administrator Guide.zip.ascOceanStor Dorado V6Series 6.0.1 EventReference. zipV0.1OceanStor Dorado V6Series 6.0.1 EventReference. zip.ascOceanStor Dorado V6Series 6.0.1Initialization Guide. zipV0.1OceanStor Dorado V6Series 6.0.1Initialization Guide.zip.ascOceanStor Dorado V6Series 6.0.1 SecurityConfiguration Guide.zipV0.1OceanStor Dorado V6Series 6.0.1 SecurityConfiguration Guide.zip.ascCC Huawei OceanStorDorado V6 SeriesStorage SystemSoftware 6.0.1AGD OPE. zipV1.0CC Huawei OceanStorDorado V6 SeriesStorage SystemSoftware 6.0.1Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security TargetTypeDelivery Item1 IntroductionVersionDownload LinkAGD OPE. zip.ascCC Huawei OceanStorDorado V6 SeriesStorage SystemSoftware 6.0.1AGD PRE User. zipV0.11CC Huawei OceanStorDorado V6 SeriesStorage SystemSoftware 6.0.1AGD PRE User.zip.ascCC Huawei OceanStorDorado V6 SeriesStorage SystemSoftware 6.0.1AGD PRE Production.zipV0.4CC Huawei OceanStorDorado V6 SeriesStorage SystemSoftware 6.0.1AGD PRE Production.zip.asc1.4.2 Logical Scope of the TOEThe TOE boundary from a logical point of view is represented by the elements that aredisplayed with a red dotted box within the rectangle in the figure. The TOE consists of I/OService, OMM and SYS CTRL, and is running underlying OS and hardware. The TOEprovides several security functions, which are described in more detail in chap.1.4.3 .Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security Target1 IntroductionFigure 1-4 TOE logical scopeFigure 1-4 reflects the basic structure of the TOE with respect to subsystems and modules.The TOE provides all the security features. Security features are implemented through one ormore modules.1.4.3 Summary of Security Features1.4.3.1 Identification and Authentication In user access, the TOE provides local and remote authentication modes.In local authentication mode, the identities are stored in the TOE. Identification is passedonly if the input identities match the ones stored in the TOE. The identification factorsinclude the password, SSH key pair, and one time password (OTP) sent through email.The TOE supports 3 kinds of combinations: password and OTP, password only, and SSHkey pair only.In remote authentication mode, the identities are stored in a remote LDAP server. Whenthe identification begins, the input password is sent forward to the remote LDAP serverthrough the standard LDAP protocol and identified by the LDAP server. In data access, the available LUN is limited by the initiator. CHAP authentication issupported for connecting to the TOE over an iSCSI network. Target LUNs on the TOEcan be accessed only when CHAP authentication is passed.1.4.3.2 AuthorizationAuthorization indicates that devices assign operation authorities to accounts according to theirvalidity.Issue 0.18 (2021-03-10)Copyright Huawei Technologies Co., Ltd.1
CC Huawei OceanStor Dorado V6 Series Storage SystemSoftware 6.0.1 Security Target1 IntroductionThe TOE implements authorization by the Role Based Access Control (RBAC) model. InRBAC, a permission is an approval to perform an operation on one or more RBAC protectedobjects (i.e. the commands in the TOE). A role is a set of permissions and an account can beassigned with only one role. The TOE supports not only built-in roles (listed in table below),which cannot be modified or deleted, but also customized roles whose permissions can bemodified or deleted by users whose role holds a permission to modify other roles.Table 1-2 Role permission definitionRolePermissionSuper administratorAll permissionsAdministratorAll permissions except user management and high-riskmaintenance operationsSecurity administratorSystem security configuration permissions, includingmanagement of security rules, certificates, and data destructionSAN resourceadministratorSAN resource management permissions, including managementof storage pools, LUNs, mappings, hosts, ports, and backgroundconfiguration tasksData protectionadministratorData protection manage
Date CC Huawei OceanStor Dorado V6 Series Storage System Software 6.0.1 Security Target Issue 0.18 2021 -03 10 HUAWEI TECHNOLOGIES CO., LTD.
