Certified/Validated Products List

HP StorageWorks P9500 Disk Array control program
70-02-05-00/00

Hewlett-Packard Company
Last Updated 2012-05-11
Product Name :
HP StorageWorks P9500 Disk Array control program
Version of TOE :
70-02-05-00/00
Product Type :
Control Program for storage system
Certification No. :
C0319
Date :
2011-09-30
Version of Common Criteria:
3.1
Conformance Claim :
EAL2
PP Identifier :
None

PRODUCT DESCRIPTION

Description of TOE

The TOE is a software program operating on "HP StorageWorks P9500 Disk Array" storage system. The TOE is responsible to identify, authenticate and control read/write access from host computers to the storage system. In addition, the TOE also includes function(s) to manage encryption keys that encrypt data written to the storage system, and function to decrypt data read from the storage system and securely erase the data stored in the storage system.

 

TOE security functions

The TOE has the following security functions to protect user data stored in the storage system.

- Controlling accesses from Remote Web Console users and support personnel to granted partitions specified by the groups of storage resources
- Controlling accesses from host computers to the granted logical devices in the storage system.
- Authentication of host computers
- Identification and authentication of Remote Web Console users and support personnel
- Encrypted communication between Remote Web Console and SVP PC, and SVP PC and external authentication servers.
- Encryption of stored data(Encryption key management)
- Shredding
- Audit logging

 

Security functional requirements

This TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels