- Product Name :
- HP XP7 Storage System Control Program
- Version of TOE :
- Product Type :
- Control Program for storage system
- Certification No. :
- Date :
- Version of Common Criteria:
- 3.1 Release4
- Conformance Claim :
- EAL2 Augmented with ALC_FLR.1
- PP Identifier :
- Vendor :
- Hewlett Packard Enterprise Company
- POC :
- Mondher Razouane
- Division :
- HPE DCDU, Storage Division
- Phone :
- E-mail :
- Evaluation Facility :
- Mizuho Information & Research Institute, Inc.
Information Security Evaluation Office
Description of TOE
The TOE is a software program operating on the storage system: "HP XP7 Storage System".
This TOE receives a request for access to a storage device in a storage system from a host computer (hereinafter referred to as “host”) and controls data transmission between the host and the storage device.
TOE Security functions
The major security functions of this TOE are as follows.
|-||Function that identifies the host and controls access, so that the host can access only the designated storage area|
|-||Function that erases data by overwriting it with dummy data in the storage device|
|-||Function that manages an encryption key to encrypt data written to the storage device|
|-||Function that identifies/authenticates fibre channel switches|
|-||Function that identifies/authenticates users and limits settings related to security to specific roles|
|-||Function that records events related to security in logs and enables persons who have a specific role to read it|
Security functional requirements
The TOE implements the following security functional requirements.
|Security audit||Non-repudiation of origin/receipt||Cryptographic functionality||Access control|
|Data authentication||Export data protection||Information flow control||Import data protection|
|Internal transfer data protection||Residual information protection||Rollback||Stored data integrity|
|Transfer data confidentiality||Transfer data integrity||Identification and authentication||Security management|
|Privacy Control||Security functionality protection||Resource utilisation management||TOE access control|