I believe that this will be OK. Others WG members, please feel free to comment/agree/disagree...
In the CC, a User can be either a human user or an IT system, so it should be OK that SNMP is performing a TOE function and accessing data. As for the shared group account, the TOE does not have any way to determine if the account is shared (even for human users!).
-- Regards, Brian Smithson PM, Security Research PMP, CSM, CISSP, CISA, ISO 27000 PA Advanced Imaging and Network Technologies Ricoh Americas Corporation (408)346-4435
Ashish Khandelwal wrote:
Hello,
I haven't received any response. Any insights would be greatly appreciated.
Thanks,
Ashish
Ashish Khandelwal/DSE/IRV/TOSHIBA-TABS
Hello All,
Ashish Khandelwal/DSE/IRV/TOSHIBA-TABS
06/26/2009 05:01 PM
To
stds-2600@xxxxxxxx
cc
Subject
Accessing TSF Protected data using SNMP
I am new to this mailing list and have question on SNMP V3 access. For P2600 environment A, can SNMP V3 data be read without identification of the exact user i.e. using a shared group account. In our scenario we would like to access TSF protected SNMP data using a common SNMP account on the device. This account will only have read access to TSF protected data in SNMP. It won't be able to modify the data or read TSF confidential data.
From reading the "Protection Profile in Operating Environment A" my understanding is that this should be fine as identification/authorization is only needed to perform TOE function, access TSF confidential data or modify TSF protected data.
Please advice.
Thanks,
Regards,
Ashish
This message (and any attached files) is secret, confidential and proprietary and is intended solely for specific addressee(s). If the reader of this message is not the intended recipient, please notify the sender immediately by reply email and delete it and all backup copies immediately.
