Раздел: Документация

0 ... 28 29 30 31 32 33 34 ... 117

b)management of the authentication data by the associated user;

c)managing the list of actions that can be taken before the user is authenticated.

Management: FIAUAU.2

The following actions could be considered for the management functions in FMT:

a)management of the authentication data by an administrator;

b)management of the authentication data by the user associated with this data.

Management: FIAUAU.3, FIAUAU.4, FIAUAU.7 There are no management activities foreseen. Management: FIAUAU.5

The following actions could be considered for the management functions in FMT:

a)the management of authentication mechanisms;

b)the management of the rules for authentication.

Management: FIAUAU.6

The following actions could be considered for the management functions in FMT:

a) if an authorised administrator could request re-authentication, the management includes a re-authentication request.

Audit: FIAUAU.1

The following actions should be auditable if FAUGEN Security audit data generation is included in the PP/ST:

a)Minimal: Unsuccessful use of the authentication mechanism;

b)Basic: All use of the authentication mechanism;

c)Detailed: All TSF mediated actions performed before authentication of the user. Audit: FIAUAU.2

The following actions should be auditable if FAUGEN Security audit data generation is included in the PP/ST:

a)Minimal: Unsuccessful use of the authentication mechanism;

b)Basic: All use of the authentication mechanism.

---

Audit: FIAUAU.3

The following actions should be auditable if FAUGEN Security audit data generation is included in the PP/ST:

a)Minimal: Detection of fraudulent authentication data;

b)Basic: All immediate measures taken and results of checks on the fraudulent data.

Audit: FIA UAU.4

The following actions should be auditable if FAUGEN Security audit data generation is included

in the PP/ST:

a) Minimal: Attempts to reuse authentication data.

Audit: FIA UAU.5

The following actions should be auditable if FAUGEN Security audit data generation is included

in the PP/ST:

a)Minimal: The final decision on authentication;

b)Basic: The result of each activated mechanism together with the final decision.

Audit: FIA UAU.6

The following actions should be auditable if FAUGEN Security audit data generation is included

in the PP/ST:

a)Minimal: Failure of reauthentication;

b)Basic: All reauthentication attempts.

Audit: FIA UAU.7

There are no auditable events foreseen.

FIAUAU.1 Timing of authentication

Hierarchical to: No other components.

FIAUAU.1.1 The TSF shall allow [assignment: list of TSF mediated actions] on behalf of the user to be performed before the user is authenticated.

FIAUAU.1.2 The TSF shall require each user to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user.

Dependencies: FIAUID.1 Timing of identification

---

FIA UAU.2 User authentication before any action

Hierarchical to: FIAUAU.1

FIA UAU.2.1 The TSF shall require each user to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user.

Dependencies: FIAUID.1 Timing of identification

FIAUAU.3 Unforgeable authentication

Hierarchical to: No other components.

FIAUAU.3.1 The TSF shall [selection: detect, prevent] use of authentication data that has been forged by any user of the TSF.

FIA UAU.3.2 The TSF shall [selection: detect, prevent] use of authentication data that has been copied from any other user of the TSF.

Dependencies: No dependencies.

FIAUAU.4 Single-use authentication mechanisms

Hierarchical to: No other components.

FIA UAU.4.1 The TSF shall prevent reuse of authentication data related to [assignment: identified authentication mechanism(s)].

Dependencies: No dependencies.

FIAUAU.5 Multiple authentication mechanisms

Hierarchical to: No other components.

FIAUAU.5.1 The TSF shall provide [assignment: list of multiple authentication mechanisms] to support user authentication.

FIAUAU.5.2 The TSF shall authenticate any users claimed identity according to the [assignment: rules describing how the multiple authentication mechanisms provide authentication].

Dependencies: No dependencies.

0 ... 28 29 30 31 32 33 34 ... 117