Раздел: Документация

0 ... 27 28 29 30 31 32 33 ... 117

7.3 Specification of secrets (FIA SOS)

Family behaviour

This family defines requirements for mechanisms that enforce defined quality metrics on provided secrets and generate secrets to satisfy the defined metric.

Component levelling

FIA SOS Specification of secrets

2

FIA SOS.1 Verification of secrets requires the TSF to verify that secrets meet defined quality metrics.

FIASOS.2 TSF Generation of secrets requires the TSF to be able to generate secrets that meet defined quality metrics.

Management: FIA SOS.1

The following actions could be considered for the management functions in FMT: a) the management of the metric used to verify the secrets.

Management: FIA SOS.2

The following actions could be considered for the management functions in FMT: a) the management of the metric used to generate the secrets.

Audit: FIASOS.1, FIASOS.2

The following actions should be auditable if FAUGEN Security audit data generation is included

in the PP/ST:

a)Minimal: Rejection by the TSF of any tested secret;

b)Basic: Rejection or acceptance by the TSF of any tested secret;

c)Detailed: Identification of any changes to the defined quality metrics.

---

FIASOS.1 Verification of secrets

Hierarchical to: No other components.

FIA SOS.1.1 The TSF shall provide a mechanism to verify that secrets meet [assignment: a defined quality metric].

Dependencies: No dependencies.

FIASOS.2 TSF Generation of secrets

Hierarchical to: No other components.

FIA SOS.2.1 The TSF shall provide a mechanism to generate secrets that meet [assignment: a defined quality metric].

FIA SOS.2.2 The TSF shall be able to enforce the use of TSF generated secrets for [assignment: list of TSF functions].

Dependencies: No dependencies.

---

7.4 User authentication (FIA UAU)

Family behaviour

This family defines the types of user authentication mechanisms supported by the TSF. This family also defines the required attributes on which the user authentication mechanisms must be based.

Component levelling

FIA UAU User authentication

1- 2

3

4

5

6

FIAUAU.1 Timing of authentication, allows a user to perform certain actions prior to the authentication of the users identity.

FIA UAU.2 User authentication before any action, requires that users authenticate themselves before any action will be allowed by the TSF.

FIAUAU.3 Unforgeable authentication, requires the authentication mechanism to be able to detect and prevent the use of authentication data that has been forged or copied.

FIAUAU.4 Single-use authentication mechanisms, requires an authentication mechanism that operates with single-use authentication data.

FIAUAU.5 Multiple authentication mechanisms, requires that different authentication mechanisms be provided and used to authenticate user identities for specific events.

FIA UAU.6 Re-authenticating, requires the ability to specify events for which the user needs to be re-authenticated.

FIAUAU.7 Protected authentication feedback, require that only limited feedback information is provided to the user during the authentication.

Management: FIA UAU.1

The following actions could be considered for the management functions in FMT: a) management of the authentication data by an administrator;

0 ... 27 28 29 30 31 32 33 ... 117