Security Requirements for the IT EnvironmentAppendix A Common Criteria Environment: Security Requirements 669FAU_SEL.1.1 The IT environment shall be able to include or exclude auditableevents from the set of audited events based on the following attributes:a) [event type].FAU_STG.1 Protected audit trail storage (iteration 1)FAU_STG.1.1 The IT environment shall protect the stored audit records fromunauthorized deletion.FAU_STG.1.2 The IT environment shall be able to detect modifications to theaudit records.FAU_STG.4 Prevention of audit data loss (iteration 1)FAU_STG.4.1 The IT environment shall prevent auditable events, except thosetaken by the Auditor, if the audit trail is full.Cryptographic support (FCS)FCS_CKM.1 Cryptographic key generationFCS_CKM.1.1 The FIPS 140-1 validated cryptographic module shall generatecryptographic keys in accordance with [any FIPS-approved or recommendedcryptographic key generation algorithm] that meet the following: [FIPS 140-1].FCS_CKM.4 Cryptographic key destructionFCS_CKM.4.1 The IT environment shall destroy cryptographic keys inaccordance with a specified cryptographic key destruction method [anyFIPS-approved or recommended key destruction method] that meets thefollowing: [FIPS 140-1].FCS_COP.1 Cryptographic operationFCS_COP.1.1 The FIPS 140-1 validated cryptographic module shall perform [allcryptographic operations] in accordance with [FIPS-approved or recommendedalgorithms].User Data Protection (FDP)FDP_ACC.1 Subset access control (iteration 1)FDP_ACC.1.1 The IT environment shall enforce the CIMC IT EnvironmentAccess Control Policy specified in “CIMC TOE Access Control Policy,” on page 675on [users, files, and access to files].
