Beruflich Dokumente
Kultur Dokumente
ZTE Base Station Controller Series version ZTE ZXG10 iBSC Base Station Controller, V6.20.614, ZXC10 BSCB CDMA2000 Base Station Controller, V8.0.3.400, and ZXWR RNC WCDMA Radio Network Controller, V3.09.30
CERTIFICATION REPORT - SERTIT STANDARD REPORT TEMPLATE SD 009 VERSION 2.1 11.11.2011
SERTIT, P.O. Box 14, N-1306 Brum postterminal, NORWAY Phone: +47 67 86 40 00 Fax: +47 67 86 40 09 E-mail: post@sertit.no Internet: www.sertit.no
ARRANGEMENT ON THE RECOGNITION OF COMMON CRITERIA CERTIFICATES IN THE FIELD OF INFORM ATION TECHNOLOGY SECURITY SERTIT, the Norwegian Certification Authority for IT Security, is a member of the above Arrangement and as such this confirms that the Common Cri teria certificate has been issued by or under the authority of a Party to this Arrangement and is the Partys cla im that the certificate has been issued in accordance with the terms of this Arrangement The judgements contained in the cert ificate and Cert if ication Report are those of SERTIT which issued it and the Norwegian evaluation facility (EVIT) which carried out the evaluation. There is no implication of acceptance by other Members of the Agreement Group of liability in respect of those judgements or f or loss sustained as a result of reliance pla ced upon those judgements by a third party. [*]
* Mutual Recognit ion under the CC recognit ion arrangement applies to EAL 2 but not to ALC_FLR.2.
Page 2 of 22
Contents
1 2 3 4 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11 4.12 4.13 4.14 4.15 4.16 4.17 5 5.1 5.2 5.3 5.4 5.5 5.6 5.7 6 6.1 6.2 Certification Statement Abbreviations References Executive Summary Introduction Evaluated Product TOE scope Protection Profile Conformance Assurance Level Security Policy Security Claims Threats Countered Threats Countered by the TOEs environment Threats and Attacks not Countered Environmental Assumptions and Dependencies IT Security Objectives Non-IT Security Objectives Security Functional Requirements Security Function Policy Evaluation Conduct General Points Evaluation Findings Introduction Delivery Installation and Guidance Documenta tion Misuse Vulnerability Analysis Developers Tests Evaluators Tests Evaluation Outcome Certifica tion Result Recommendations 5 6 8 9 9 9 9 9 9 9 10 10 10 10 10 11 11 12 12 12 13 14 14 15 15 15 15 15 15 16 16 16 17 17 18 21 22
Annex A: Evaluated Configuration TOE Identification TOE Documenta tion TOE Configuration Environmental Configuration
Page 3 of 22
Page 4 of 22
...
,
... , ...
.. .. . .
,
, . .
";
.:
_.
0-
."
,"
.,'
...
..
... - ... , .
...
.. .
. .. .- ...
l'
Certificatio,n Statement
ZTE Corporation ZTE Base Station Controller Series is a base station controller that provides functions such as voice and data services, mobility management including handover and reselection, resource management including access control. channel allocation, circuit management, GPRS and EDGE.
Kj e 11 W. Berg an
Head of SERTIT
14.09.2012
--------
SERTIT-038 14.09.2012
eR
Issue 1.0
Page 5 of 22
2
BBU BPL CC
Abbreviations
Baseband unit Baseband Processing module Common Criteria for Information Technology Security Evaluat ion (ISO/IEC 15408)
CCRA CEM EAL EMS EOR EPS ETR EVIT EWP FA L3 LTE MAC MME NAS NTP OMM PDCP PHY PM POC QP RF RLC Page 6 of 22
Arrangement on the Recognition of Common Criteria Cert ificates in the Field of Information Technology Securit y Common Methodology for Information Technology Securit y Evaluation Evaluation Assurance Level Element Managem ent System Evaluation Observation Report Evolved Packet System Evaluation Technica l Report Evaluation Facility under the Norwegian Certification Scheme for IT Security Evaluation Work Plan Fan Array Module Layer 3 Long-Term Evolution Media Access Control Mobilit y Management Entity Non-Access Stratum Network Time Protocol Operation and Maintenance Module Packet Data Convergence Protocol Physical Layer Power Module Point of Contact Qualified Participant Radio Frequency Radio Link Control SERTIT-038 CR Issue 1.0 14.09.2012
Remote Radio Unit Site alarm Board Site alarm Extension Board Security gateway Norwegian Certification Authority for IT Security Serving Gateway Security Policy Model Security Target Target of Evaluation TOE Security Functions TOE Security Policy User Equipment Universal Mobile Telecommunications System
Page 7 of 22
3
[1] [2] [3] [4] [5] [6] [7] [8]
References
ZTE Ba se Station Controllers Security Target, v 1 .0, 5 Ma y 2012 . Common Criteria Part 1, CCMB -2009-07-001, Version 3.1 R3, July 2009 . Common Criteria Part 2, CCMB -2009-07-002, Version 3.1 R3, July 2009 . Common Criteria Part 3, CCMB -2009-07-003, Version 3.1 R3, July 2009 . The Norwegian Cert ification Scheme, SD001E, Version 8.0, 20 August 2010 . Common Methodology for Information Technology Securit y Evaluation, Evaluation Methodology, CCMB -2009 -07-004, Version 3.1 R3, July 2009 . Evaluation Technica l Report Common Criteria EAL2+ Evaluation of ZTE Base Station Controller Series, v 1.3, 29 August 2012. CC Security Evaluation Certified Configurat ion v R1.0 .
Page 8 of 22
Executive Summary
4.1 Introduction
This Cert ification Report states the outcome of the Common Criteria securit y evaluation of ZTE Base Station Controller Series version ZTE ZXG10 iBSC Base Station Controller, V6.20.614, ZXC10 BSCB CDMA2000 Base Station Controller, V8.0.3.400, and ZXWR RNC W CDMA Radio Network Controller, V3.09.30 to the Sponsor, ZTE Corporation, and is int ended to a ssist prospective consumers when judging the suitabilit y of the IT security of the product for their part icular requirements. Prospective consumers are adv ised to rea d this report in conjunct ion with the Security Target [1] which specifies the functional, environmental and assurance evaluation requirement s.
Page 10 of 22
OE.TRUSTED_SYSTEMS The operator shall ensure that: the NTP, are t rusted, a nd will not be used to attack the TOE. The PSTN, Service Part Private Network, W ireless Network, Core Net work and Secure Network are t rusted networks, and will not be used to attack the TOE The L3 switch will block all traffic from/to the external network except for: Selected traffic between EMS and BSC/OMM Selected traffic between EMS and EMS Client
the Field of Information Technology Securit y (CCRA), and the evalua tion was conducted in accordance with the terms of this Arrangement. The purpose of the eva luation wa s to provide assurance about the effectiveness o f the TOE in meet ing its Security Target [1], which prospective consumers are advised t o read. To ensure that the Security Target [1] gave an appropriate baseline for a CC evaluation, it was first itself evaluated. The TOE was then evaluated against this baseline. Both parts of the evaluation were per formed in accordance with CC Part 3[4] and the Common Evaluation Methodology (CEM) [6]. SERTIT monitored the evaluation which was carried out by the Brightsight B.V. Commercial Evaluation Facility ( CLEF/EVIT). The evaluation was completed when the EVIT submitted the final Evaluation Technical Report (ETR) [7] t o SE RTIT in 29.08.2012 . SERTIT then produced this Cert ification Report.
Page 13 of 22
Evaluation Findings
The eva luators examined the following assurance classes and components taken from CC Part 3. These classes comprise the EAL 2 a ssurance package augmented with ALC_FLR.2 Assurance class Development ADV_ARC.1 ADV_FSP.2 ADV_TDS.1 Guidance documents AGD_OPE.1 AGD_PRE.1 Life -cycle support ALC_CMC.2 ALC_CMS.2 ALC_DEL.1 ALC_FLR.2 Security Target evaluation ASE_CCL.1 ASE_ECD.1 ASE_INT.1 ASE_OBJ.2 ASE_REQ.2 ASE_SPD.1 ASE_TSS.1 Tests ATE_COV.1 ATE_FUN.1 ATE_IND.2 Vulnerabilit y assessment AVA_VAN.2 Assurance components Security architecture description Security -enforcing functional specification Basic design Operational user guida nce Preparative procedures Use of a CM system Parts of the TOE CM coverage Delivery procedures Flaw reporting procedures Conformance cla ims Extended components definition ST introduct ion Security objectives Derived security requirements Security problem definition TOE summary specifica tion Evidence of coverage Functional test ing Independent testing sample Vulnerabilit y analysis
5.1 Introduction
The eva luation a ddressed the requirements specified in the Securit y Target [1]. The results of this work were reported in the ETR [7] under the CC Part 3 [4] headings. The following sections not e considerations that a re of part icular relevance to either consumers or those involved with subsequent assurance ma intenance and re evaluation of the TOE .
Page 14 of 22
5.2 Delivery
On receipt of the TOE, the consumer is recommended t o check that t he evaluated version has been supplied, and to check that the security of the TOE has not been compromised in delivery.
5.4 Misuse
There is always a risk of intentional and unint entional misconfigurations that could possibly compromise confidential information. Developers should follow the guidance for the TOE in order to ensure that the TOE o perates in a secure manner. The guidance document [8] adequately describe the mode of operation of the TOE, all assumptions a bout the intended environment and all requirements for external securit y. Sufficient guidance is provided for t he consumer t o effect ively use the TOEs securit y functions.
Shanghai due to network condit ions between ZTE and Singapore affecting the responsiveness of the Citrix remote sessions.
Evaluation Outcome
6.2 Recommendations
Prospective consumers of ZTE Base Station Controller Series version ZTE ZXG10 iBSC Base Station Controller, V6.20.614, ZXC10 BSCB CDMA2000 Base St ation Controller, V8.0.3.400, and ZXWR RNC W CDMA Radio Net work Controller, V3.09.30 should understand the specific scope of the cert ification by reading this report in conjunction with the Security Target [1]. The TOE should be used in accordance with a number of environment al considerations as specified in the Securit y Target. Only the evaluated TOE configurat ion should be installed. This is specified in Annex A with further relevant information given above under Section 4.3 TOE Scope and Section 5 Evaluation Findings. The TOE should be used in accordance with the supporting guida nce documentation included in the evaluat ed configuration.
Page 16 of 22
Hardware
BIPI (for Access Unit) GLI (for Switch Unit) GUP (for Process Unit) OMP(for O&M Unit) PWRD(for Peripheral Monitoring Unit) SBCX (for the OMM) ZXG10 iBSC (V6.20.614) OMM V6.20.614 OMM Client V6.20.614
Hardware
Software Software ZX C1 0 B SC B
TYPE
GIPI, EIPI(for Access Unit) GLI (for Switch Unit) RUB, RCB (for Process Unit) OMP(for O&M Unit) PWRD(for Peripheral Monitoring Unit) SBCX (for the OMM) ZXWR RNC (V3.09.30) OMM V3.09.30 OMM Client V3.09.30
Hardware
Software Software
ABES/ABPM(for Access Unit) CHUB/THUB (for control plane switching Unit) CLKD/CLKG(for clock driver/generator unit) GCM(for GPS unit) DTB/SDTB(for TDM Interface Unit) GLIQV/GLI(Line Interface Board) IBBE(for BSC-Inter-Connect Unit) ICM (Integrated clock Module) INLP/ SPB (Signaling processing and E1/T1 interface Unit) SIPI/IPI (for IP Signaling/Bearer Interface) IWFB (for IWF Unit) MP (for Processing Unit) OMP (for O&M Unit) PSN (for Packet Switch Network Unit) PWRD (for Power Unit) SDU (for Select/Distribute Unit) UIM/GUIM(for Switch Unit) UPDC /UPCF/ IPCF (for PCF & PTT) VTCD (for Voice Transcode Unit) ZXC10 BSCB (V8.0.3.400)OMM V3.08.34.00 OMM Client V3.08.34.00
Page 17 of 22
TOE Documentation
The supporting guidance documents evaluated were: Certified Configuration [a] CC Security Evaluation Certified Configurat ion
Standard Guidance: [b] [c] [d] [e] [f] [g] [h] [i] [j] [k] [l] [m] [n] [o] [p] [q] [r] [s] [t] [u] [v] [w] [x] [y] [z] NetNumen U31 R18 (V 12.11.40) Product Description NetNumen U31 R18 (V 12.11.40) Maintenance Guide NetNumen U31 R18 (V 12.11.40) MML Comma nd Reference NetNumen U31 R18 (V 12.11.40) Security Management Operation Guide NetNumen U31 R18 (V 12.11.40) Log Management Operation Guide NetNumen U31 R18 (V 12.11.40) Fault Manage ment Operation Guide NetNumen U31 R18 (V 12.11.40) Management Operation Guide NetNumen U31 R18 (V 12.11.40) MML Terminal Operation Guide NetNumen U31 R18 (V 12.11.40) Maintenance Guide iBSC Product Description Base Station Controller Documentation Guide Base Station Controller System Description Harware Descript ion Hardware Installation Guide Base Station Controller Rout ine Maintenance Base Station Controller Emergency Maintenance Base Station Controller Software Installation Guide Feature Configuration Guide Data Management Operation Guide Base Station Controller Software Version Management Operation Guide Diagnosis Test MML Command Reference Alarm Handling Reference Notification Handling Reference Parts Replacement Guide SERTIT-038 CR Issue 1.0 14.09.2012
Page 18 of 22
System Management O peration Guide Security Management Operation Guide Log Management Operation Guide
RNC Standard Guidance [dd] [ee] [ff] [gg] [hh] [ii] [jj] [kk] [ll] [mm] [nn] [oo] [pp] [qq] [rr] [ss] [tt] [uu] [vv] [ww] [xx] [yy] [zz] [aaa] [bbb] [ccc] Product Description Alarm and Notification Handling Reference Radio Parameter Reference Documentation Guide System Description Hardware Description Hardware Installation Guide Trouble Shooting Routine Maintenance Emergency Maintenance Log Service MML Command Reference OMM Software Installa tion Guide Test Management Operation Guide Software Mana gement Operation Guide Calling Trace O peration Guide Radio Configur ation O peration Guide Dynamic Data Management Operation Guide Configuration Tool Operation Guide Hardware Repla cement Guide Ground Configuration Operation Guide Manage Object Model Description Specifications and Requirements for IRPS System Management O peration Guide Security Management Operation Guide Log Management Operation Guide Page 19 of 22
BSCB CDMA2000 Standard Guidance [ddd] [eee] [fff] [ggg] [hhh] [iii] [jjj] [kkk] [lll] System Documentation Guide System Basic Principle System Product Overview System interface and Protocol Description Controller Technical Man ual Controller Hardware Manual Controller installation Manual System Cable Preparation Manual System DIP Switches and Jumpers Reference Manual
[mmm] Controller Routine Maintenance Manual [nnn] [ooo] [ppp] [qqq] [rrr] [sss] [ttt] [uuu] [vvv] Station System Trouble shoot ing Manual System Emergency maintenance Manual System Alarm Handling Manual System Configuration Parameter (Overview) Configuration Paramet er Manual(1x Release A) Configuration Paramet er Manual (DO) System Configuration Parameter Manual (A Ap Interface) Configuration Paramet er Manual_V5 Interface Configuration Paramet er Manual(Physical Inventory Data)
[www] Configuration Paramet er Manual(Physical Configuration Data) [xxx] [yyy] [zzz] System Common Timer Description System Command Manual_System Tools System Command Manual_Configuration Management
[aaaa] System Command Manual_Radi o Configuration 1X [bbbb] System Command Manual_Radio Configuration DO [cccc] System Performance Management Counter Description_1x [dddd] System Performance Management Counter Description_EV -DO [eeee] System Performance Management Counter Description_PTT [ffff] System Call Failure Reason and Call Drop Explanation_1X SERTIT-038 CR Issue 1.0 14.09.2012
Page 20 of 22
[gggg] Call Failure Reason and Call Drop Explanation(EV -DO) [hhhh] Call Failure Reason and Call Drop Explanation(PTT) [iiii] [jjjj] System Operation Manual(Configuration Management) System Operation Manual(System Tools)
[kkkk] System Operation Manual(Alarm Manag ement ) [llll] System Operation Manual(Common O perations)
[mmmm] System Commissioning Manual [nnnn] Controller Data Configuration Manual_DO [oooo] Controller Data Configuration Manual_PTT [pppp] Controller Data Configuration Manual_V5 [qqqq] Alarm Box(V5.00)User Manual All these documents are version R1.0 except where otherwise.
TOE Configuration
The following configuration was used for test ing:
HARDWARE
IBM P740, 2*2 core CPUs, 32GB Memory (For EMS Server) 2 146G SAS Disks, Dual-port HBA cards (EMS) ST6180 8*300G FC15K Disk Array (EMS) ZXG10 iBSC (V6.20.614) ZXC10 BSCB (V8.0.3.400)OMM V3.08.34.00 OMM V6.20.614 OMM V3.09.30 OMM Client V6.20.614 OMM Client V3.09.30 OMM Client V3.08.34.00 ZXWR RNC (V3.09.30) EMS server/client (NetNumen U31 R18 V12.11.40)
SOFTWARE
Page 21 of 22
Environmental Configuration
The TOE is tested in the following test set -up:
EMS Client
EMS Server
iBSC OMM
RNC OMM
Page 22 of 22