The TSF management functions enable authorised users to set up and control the secure operation of the TOE. These administrative functions typically fall into a number of different categories:
a) Management functions that relate to access control, accountability and authentication controls enforced by the TOE. For example, definition and update of user security characteristics (e.g. unique identifiers associated with user names, user accounts, system entry parameters) or definition and update of auditing system controls (e.g. selection of audit events, management of audit trails, audit trail analysis, and audit report generation), definition and update of per-user policy attributes (such as user clearance), definition of known system access control labels, and control and management of user groups.
b) Management functions that relate to controls over availability. For example, definition and update of availability parameters or resource quotas.
c) Management functions that relate to general installation and configuration. For example, TOE configuration, manual recovery, installation of TOE security fixes (if any), repair and reinstallation of hardware.
d) Management functions that relate to routine control and maintenance of TOE resources. For example, enabling and disabling peripheral devices, mounting of removable storage media, backup and recovery of user and system objects.
Note that these functions need to be present in a TOE based on the families included in the PP or ST. It is the responsibility of the PP/ST author to ensure that adequate functions will be provided to manage the system in a secure fashion.
The TSF might contain functions that can be controlled by an administrator. For example, the auditing functions could be switched off, the time synchronisation could be switchable, and/or the authentication mechanism could be modifiable.