[Zope3-checkins] SVN: Zope3/trunk/doc/security/SecurityTarget.tex latex cleanup

Christian Zagrodnick cz at gocept.com
Thu Apr 21 09:04:19 EDT 2005


Log message for revision 30075:
  latex cleanup
  
  spelling
  

Changed:
  U   Zope3/trunk/doc/security/SecurityTarget.tex

-=-
Modified: Zope3/trunk/doc/security/SecurityTarget.tex
===================================================================
--- Zope3/trunk/doc/security/SecurityTarget.tex	2005-04-21 11:59:08 UTC (rev 30074)
+++ Zope3/trunk/doc/security/SecurityTarget.tex	2005-04-21 13:04:19 UTC (rev 30075)
@@ -1,6 +1,7 @@
 \documentclass[12pt,english]{scrbook}
 \usepackage{babel}
 \usepackage[latin1]{inputenc}
+\usepackage{url}
 \usepackage{tabularx}
 \usepackage{longtable}
 \usepackage{graphicx}
@@ -19,73 +20,45 @@
 \newcommand{\oh}{$\bullet$}
 
 
-
-\title{Zope X3 Security Target for EAL 1 (Draft)}
-\author{Christian Theune \and Steve Alexander \and Jim Fulton \and
-  Christian Zagrodnick}
-
-\uppertitleback{}
-\date{\today}
 \hypersetup{
 pdftitle={Zope X3 Security Target for EAL 1 (Draft)},
 pdfauthor={Christian Theune {\textless}ct at gocept.com{\textgreater};Steve Alexander {\textless}steve at catbox.net{\textgreater};Jim Fulton {\textless}jim at zope.com{\textgreater}}
 }
 
 
-\begin{document}
-\maketitle
+\subject{Zope X3}
+\title{Security Target for EAL 1 (Draft)}
+\author{Christian Theune \\
+  Steve Alexander \\
+  Jim Fulton \\
+  Christian Zagrodnick}
 
-%___________________________________________________________________________
-
-\uppertitleback
+\uppertitleback{
 \begin{description}
-    \item[Version:] $Rev$ (Draft)
-    \item[Date:] $Date$ 
+    \item[Version:] \$Rev$ $\$ (Draft)
+    \item[Date:] \$Date$ $\$
     \item[Author:] Christian Theune, ct at gocept.com
     \item[Author:] Steve Alexander, steve at catbox.net
     \item[Author:] Jim Fulton, jim at zope.com
     \item[Author:] Christian Zagrodnick, cz at gocept.com
-    \item[DocumentID:] $Id$
-\end{description}
+    \item[DocumentID:] \$Id$ $\$
+  \end{description}
+}
+\date{\today}
 
-\newpage
 
-\tableofcontents
-\newpage
-\listoftables
 
+\begin{document}
+\maketitle
 
-
 %___________________________________________________________________________
 
 
+\tableofcontents
+\newpage
+\listoftables
 
-\chapter{Document History}
 
-\begin{longtable}{|l|l|l|l|}
-\hline
-\textbf{
-Version
-} & \textbf{
-Date
-} & \textbf{
-Change
-} & \textbf{
-Editor
-} \\
-\hline
-\endhead
-
-0.1
- &  & 
-First draft
- & 
-Christian Theune
- \\
-\hline
-\end{longtable}
-
-
 %___________________________________________________________________________
 
 
@@ -100,73 +73,50 @@
 \section{ST identification}
 
 \begin{description}
-\item [Document Title:]
-Zope X3, Security target
+  
+  \item [Document Title:] Zope X3, Security target
 
+  \item [Document ID:]
+    \$Id$ $\$
+  
+  \item [Document Version:] \$Rev$ $\$
+  
+  \item [Origin:] Zope Corporation public Subversion server
+  
+  \item [TOE Reference:] Zope X3 3.1/CC       
+  % XXX still to define. Possible alternative: Zope CC 3.1
 
-\item [Document ID:]
-$Id$
+  \item [TOE Commercial Name:] Zope X3   
+  % XXX to define, depending on TOE Reference
 
+  \item [TOE Short Description:] A platform independent web application server
+  and framework written in Python
 
-\item [Document Version:]
-$Rev$
 
+  \item [Product Type:] Web Application Server
 
-\item [Origin:]
-Zope Corporation public Subversion server
 
+  \item [Evaluation Body:] Evaluation Body of T"UV Informationstechnik GmbH,
+  Germany
 
-\item [TOE Reference:]
-Zope X3 3.1/CC              % XXX still to define. Possible alternative: Zope CC 3.1
+  \item [Certification Body:] Certification Body of T"UV Informationstechnik
+  GmbH, Germany
 
 
-\item [TOE Commercial Name:]
-Zope X3                     % XXX to define, depending on TOE Reference
-
-
-\item [TOE Short Description:]
-A platform independent web application server and framework written in Python
-
-
-\item [Product Type:]
-Web Application Server
-
-
-\item [Evaluation Body:]
-Evaluation Body of TUV Informationstechnik GmbH, Germany
-
-
-\item [Certification Body:]
-Certification Body of TUV Informationstechnik GmbH, Germany
-
-
 \end{description}
 
-This ST is based upon Common Criteria, Version 2.1 (\emph{{[}CC]}).
+This ST is based upon Common Criteria, Version 2.1 
 The TOE consists of the following component:
-\begin{quote}
 
-\begin{longtable}[c]{|l|l|l|}
-\hline
-\textbf{
-Component
-} & \textbf{
-Version
-} & \textbf{
-Supplier
-} \\
-\hline
-\endhead
-
-Zope
- & 
-X3          % XXX to be defined
- & 
-Zope Corporation
- \\
-\hline
+\begin{longtable}[c]{lll}
+  \toprule
+  Component & Version & Supplier \\
+  \midrule \endhead
+  Zope & X3 & Zope Corporation \\
+  % The version needs to be defined 
+  \bottomrule
+  \caption{TOE Components}
 \end{longtable}
-\end{quote}
 
 
 %___________________________________________________________________________
@@ -199,19 +149,17 @@
 
 \section{ISO/IEC 15408 (CC) Conformance}
 
-This ST is claimed to be conformant with the ISO/IEC 15408:1999 (Common
-Criteria, Version 2.1 with final interpretations, see \emph{{[}CC]}) and its following
+This ST is claimed to be conforming with the ISO/IEC 15408:1999 (Common
+Criteria, Version 2.1 with final interpretations) and its following
 parts:
-\begin{quote}
+
 \begin{itemize}
-\item {} 
-Part 2 and
+  
+  \item Part 2 and
+  
+  \item Part 3, EAL1.
 
-\item {} 
-Part 3, EAL1.
-
 \end{itemize}
-\end{quote}
 
 The assurance level is EAL 1.
 
@@ -229,9 +177,9 @@
 
 \section{Overview}
 
-Zope 3 (also referred to as ``Zope'') is a component based framework that may be
-used to build web applications. It's development is historically focused but
-not limited on building content management systems.
+Zope 3 (also referred to as ``Zope'') is a component based framework that may
+be used to build web applications. It's development is historically focused,
+but not limited, on building content management systems.
 
 It is written as platform independent software using the Python programming
 language. Therefore it is available for Windows NT, Linux, MacOS X and other
@@ -293,7 +241,7 @@
 To ensure a stable production every developer wishing to directly access the
 repository must retrieve authorisation from Zope Corporation. This is
 expressed by providing a signed contributors agreement,
-\href{http://dev.zope.org/DevHome/Subversion/Contributor.pdf}{http://dev.zope.org/DevHome/Subversion/Contributor.pdf}.
+\url{http://dev.zope.org/DevHome/Subversion/Contributor.pdf}.
 
 Write access to the repository is only available through ssh and by providing
 a public key to the maintainer of the repository.
@@ -323,17 +271,18 @@
 
 The version numbers of the TOE releases express if it is a feature or bugfix
 release like this: 3.f.b where f and b are continuous given numbers and f
-expresses the f-th feature relase for Zope 3 and b expresses the b-th bugfix
-relase for the f-th feature release. Every feature release starts with bugfix
-release 0 in which case the bugfix number may be ommitted. (E.g. 3.1.4,
+expresses the f-th feature release for Zope 3 and b expresses the b-th bugfix
+release for the f-th feature release. Every feature release starts with bugfix
+release 0 in which case the bugfix number may be omitted. (E.g. 3.1.4,
 3.1.0/3.1, 3.0.0/3.0)
 
-Test releases are identified by adding their grade (a for alpha, b for beta, rc
-for release candidate) at the end of the version number that it is targeted at.
-(3.1.4b2 would be the second beta release for the upcoming version 3.1.4)
+Test releases are identified by adding their grade (a for alpha, b for beta,
+  rc for release candidate) at the end of the version number that it is
+targeted at.  (3.1.4b2 would be the second beta release for the upcoming
+  version 3.1.4)
 
 New features are proposed and agreed within the developers community by the use
-of mailinglists and wiki pages. They are incorportated in an agreed feature
+of mailing lists and wiki pages. They are incorporated in an agreed feature
 release.
 
 Until agreed to be ready for public test the development and until all
@@ -345,19 +294,16 @@
 introduced on the trunk that is heading for the next feature release.
 
 Therefore an overall of about 3 concurrent maintained versions can exist:
-\begin{quote}
+
 \begin{itemize}
-\item {} 
-old feature release in maintenance mode
+  
+  \item old feature release in maintenance mode
 
-\item {} 
-upcoming feature release, already in maintance mode but not stable
+  \item upcoming feature release, already in maintenance mode but not stable
 
-\item {} 
-upcoming feature relaese in free development mode
+  \item upcoming feature release in free development mode
 
 \end{itemize}
-\end{quote}
 
 
 %___________________________________________________________________________
@@ -384,28 +330,28 @@
 
 \subsection{TOE Logical Boundaries}
 
-The logical boundary for the TOE consists of several security-relevant sub-systems of
-Zope 3:
+The logical boundary for the TOE consists of several security-relevant
+sub-systems of Zope 3:
 
 \begin{itemize}
-\item Protection
 
-\item Authentication
+  \item Protection
 
-\item Authorization / Access Control
+  \item Authentication
 
-\item Auditing
+  \item Authorization / Access Control
 
-\item Transaction Management
+  \item Auditing
 
-\item Undo
+  \item Transaction Management
 
-\item Publication / Server
+  \item Undo
 
+  \item Publication / Server
+
 \end{itemize}
 
-See section ``TOE security functions`` % XXX do real  reference here
-for more details regarding those sub-systems.
+See section \vref{toe-sec-funcs} for more details regarding those sub-systems.
 
 %___________________________________________________________________________
 
@@ -420,7 +366,7 @@
 
 \section{Assets}
 
-The following primary asssets have been identified:
+The following primary assets have been identified:
 
 \begin{longtable}[c]{lp{10cm}}
   \toprule 
@@ -924,12 +870,10 @@
 
 \minisec{FAU{\_}GEN.1 Audit data generation}
 \begin{description}
-%[visit_definition_list_item]
-\item[FAU{\_}GEN.1.1]
-%[visit_definition]
-
-The TSF shall be able to generate an audit record of the following auditable
-events:
+  
+  \item[FAU\_GEN.1.1] The TSF shall be able to generate an audit record of the
+  following auditable events:
+  
 \newcounter{listcnt2}
 \begin{list}{\alph{listcnt2})}
 {
@@ -1867,109 +1811,36 @@
 The Evaluation Assurance Level chosen for this Evaluation is EAL 1.
 
 The following TOE assurance requirements drawn from CC Part 3 are valid:
-\begin{quote}
 
-\begin{longtable}[c]{|l|l|l|}
-\hline
-\textbf{
-Identification
-} & \textbf{
-Description
-} & \textbf{
-Direct dependencies
-} \\
-\hline
-\endhead
 
-\textbf{ACM}
- & 
-Configuration management (CM)
- &  \\
-\hline
+\begin{longtable}[c]{lp{6cm}l}
+  \toprule
+  Identification & Description & Direct dependencies\\
+  \midrule \endhead
 
-ACM{\_}CAP.1
- & 
-Version numbers
- & 
-None
- \\
-\hline
+  \textbf{ACM} & Configuration management (CM) &  \\
+  ACM{\_}CAP.1 & Version numbers & None \\
 
-\textbf{ADO}
- & 
-Delivery and Operation
- &  \\
-\hline
+  \textbf{ADO} & Delivery and Operation &  \\
+  ADO{\_}IGS.1 & Installation, generation and start-up & AGD{\_}ADM.1 \\
+  
+  \textbf{ADV} & Development &  \\
+  ADV{\_}FSP.1 & Informal Functional specification & ADV{\_}RCR.1 \\
 
-ADO{\_}IGS.1
- & 
-Installation, generation and start-up
- & 
-AGD{\_}ADM.1
- \\
-\hline
+  ADV{\_}RCR.1 & Representation correspondence: Information correspondence
+  demonstration & None \\ 
 
-\textbf{ADV}
- & 
-Development
- &  \\
-\hline
+  \textbf{AGD} & Guidance documents &  \\
+  AGD{\_}ADM.1 & Administrator guidance & ADV{\_}FSP.1 \\
+  AGD{\_}USR.1 & User guidance & ADV{\_}FSP.1 \\
+  \textbf{ATE} &  &  \\ 
+  ATE{\_}IND.1 & Independent testing - conformance & ADV{\_}FSP.1 AGD{\_}ADM.1 AGD{\_}USR.1 \\
 
-ADV{\_}FSP.1
- & 
-Informal Functional specification
- & 
-ADV{\_}RCR.1
- \\
-\hline
 
-ADV{\_}RCR.1
- & 
-Representation correspondence:
-Information correspondence
-demonstration
- & 
-None
- \\
-\hline
-
-\textbf{AGD}
- & 
-Guidance documents
- &  \\
-\hline
-
-AGD{\_}ADM.1
- & 
-Administrator guidance
- & 
-ADV{\_}FSP.1
- \\
-\hline
-
-AGD{\_}USR.1
- & 
-User guidance
- & 
-ADV{\_}FSP.1
- \\
-\hline
-
-\textbf{ATE}
- &  &  \\
-\hline
-
-ATE{\_}IND.1
- & 
-Independent testing - conformance
- & 
-ADV{\_}FSP.1
-AGD{\_}ADM.1
-AGD{\_}USR.1
- \\
-\hline
+  \bottomrule
+  \caption{TOE Assurance Requirements}
+            
 \end{longtable}
-\end{quote}
 
 
 %___________________________________________________________________________
@@ -1978,40 +1849,42 @@
 
 \section{Security requirements for the IT environment}
 
-ITITIT
-
 The following security requirements exist for the IT environment:
 
-The operating system is Windows 2000, Windows XP or Linux. Either all
-known security patches must have been installed.
+\begin{itemize}
 
-The Python Version is 2.3.2 or a compatible Bugfix release.
+  \item The operating system is Windows 2000, Windows XP or Linux. Either all
+  known security patches must have been installed.
 
-The ZODB storage is FSStorage or XXX ... What else?.
+  \item The Python Version is 2.3.2 or a compatible Bugfix release.
 
-The client software must support ``protected authentication feedback''
-(FIA{\_}UAU.7), to at least not echo a user's credentials in plain text.
+  \item The ZODB storage is FSStorage or XXX ... What else?.
 
-One or more ``trusted paths'' to the TOE must be provided using secure
-proxies, such as an HTTPS proxy like Apache with SSL, or Pound.
+  \item The client software must support ``protected authentication feedback''
+  (FIA{\_}UAU.7), to at least not echo a user's credentials in plain text.
 
-If external IT systems are used, a trusted channel between the TOE and
-those systems must be provided by the TOE host environment.  For
-example, while the TOE may communicate with clients on a public
-network through a specific port allowed through a firewall, all
-communication with other IT systems could be over a private network.
+  \item One or more ``trusted paths'' to the TOE must be provided using secure
+  proxies, such as an HTTPS proxy like Apache with SSL, or Pound.
 
-To ensure a ``trusted path'' to the TOE, users of the TOE must use
-secure proxies correctly (for example, being sure to accept only
-valid server certificates with HTTPS).
+  \item If external IT systems are used, a trusted channel between the TOE and
+  those systems must be provided by the TOE host environment.  For example,
+  while the TOE may communicate with clients on a public network through a
+  specific port allowed through a firewall, all communication with other IT
+  systems could be over a private network.
 
+  \item To ensure a ``trusted path'' to the TOE, users of the TOE must use
+  secure proxies correctly (for example, being sure to accept only valid
+    server certificates with HTTPS).
+
+\end{itemize}
 %___________________________________________________________________________
 
 \chapter{TOE summary specification}
 
 
-\section{TOE security functions}
+\section{TOE security functions}  \label{toe-sec-funcs}
 
+
 The major functions implemented by the TOE are:
 
 
@@ -2087,9 +1960,11 @@
 
 \subsection{Configuration}
 
-- assigning roles/permissions/etc via zcml
-- assigning permissions/roles/users via management interface
-- assigning permissions/roles/users via API
+\begin{itemize}
+  \item assigning roles/permissions/etc via zcml
+  \item assigning permissions/roles/users via management interface
+  \item assigning permissions/roles/users via API
+\end{itemize}
 
 \subsection{Auditing}
 
@@ -2304,10 +2179,9 @@
   
   \item[O.Protect:] This security objective is necessary to counter the threat
   \textbf{T.AuditFake} because it protects the audit data generation function
-  and thereby prevents logging of false information. It also covers the
-  assumption \textbf{A.OS} because self-protection mechanisms decrease the
-  risk of compromising the TOE and thereby the risk of compromising the
-  host system.
+  and thereby prevents logging of false information. It also helps to covers
+  the assumption \textbf{A.OS} because self-protection mechanisms help to
+  dtect security problems in the runtime environment.
   
   \item[O.Access:] This security objective is necessary to counter the threat
   \textbf{T.Operation} because it prevents performing operations on an object



More information about the Zope3-Checkins mailing list