Annex G (informative)
Identification and authentication (FIA)

A common security requirement is to unambiguously identify the person and/or entity performing functions in a TOE. This involves not only establishing the claimed identity of each user, but also verifying that each user is indeed who he/she claims to be. This is achieved by requiring users to provide the TSF with some information that is known by the TSF to be associated with the user in question.

Families in this class address the requirements for functions to establish and verify a claimed user identity. Identification and Authentication is required to ensure that users are associated with the proper security attributes (e.g. identity, groups, roles, security or integrity levels).

The unambiguous identification of authorised users and the correct association of security attributes with users and subjects is critical to the enforcement of the security policies.

The FIA_UID family addresses determining the identity of a user.
The FIA_UAU family addresses verifying the identity of a user.
The FIA_AFL family addresses defining limits on repeated unsuccessful authentication attempts.
The FIA_ATD family addresses the definition of user attributes that are used in the enforcement of the TSP.
The FIA_USB family addresses the correct association of security attributes for each authorised user.
The FIA_SOS family addresses the generation and verification of secrets that satisfy a defined metric.

[Figure: families of the class: FIA_AFL Authentication failures; FIA_ATD User attribute definition; FIA_SOS Specification of secrets; FIA_UAU User authentication; FIA_UID User identification; FIA_USB User-subject binding]
Figure G.1 - Identification and authentication class decomposition

G.1 Authentication failures (FIA_AFL)

This family addresses requirements for defining values for authentication attempts and TSF actions in cases of authentication attempt failure. Parameters include, but are not limited to, the number of attempts and time thresholds.

The session establishment process is the interaction with the user to perform the session establishment independent of the actual implementation. If the number of unsuccessful authentication attempts exceeds the indicated threshold, either the user account or the terminal (or both) will be locked. If the user account is disabled, the user cannot log on to the system. If the terminal is disabled, the terminal (or the address that the terminal has) cannot be used for any logon. Both of these situations continue until the condition for re-establishment is satisfied.

FIA_AFL.1 Authentication failure handling

User application notes

The PP/ST author may define the number of unsuccessful authentication attempts or may choose to let the TOE developer or the authorised user define this number. The unsuccessful authentication attempts need not be consecutive, but rather related to an authentication event. Such an authentication event could be the count from the last successful session establishment at a given terminal.

The PP/ST author could specify a list of actions that the TSF shall take in the case of authentication failure. An authorised administrator could also be allowed to manage the events, if deemed opportune by the PP/ST author. These actions could be, among other things, terminal deactivation, user account deactivation, or administrator alarm. The conditions under which the situation will be restored to normal must be specified on the action.

In order to prevent denial of service, TOEs usually ensure that there is at least one user account that cannot be disabled.
Further actions for the TSF can be stated by the PP/ST author, including rules for re-enabling the user session establishment process, or sending an alarm to the administrator. Examples of these actions are: until a specified time has lapsed, until the authorised administrator re-enables the terminal/account, a time related to failed previous attempts (every time the attempt fails, the disabling time is doubled).

Operations

Assignment:

In FIA_AFL.1.1, the PP/ST author should specify the default number of unsuccessful authentication attempts that, when met or surpassed, will trigger the events. The PP/ST author may specify that the number is: "an authorised administrator configurable number".

In FIA_AFL.1.1, the PP/ST author should specify the authentication events. Examples of these authentication events are: the unsuccessful authentication attempts since the last successful authentication for the indicated user identity,
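
The failure handling described for FIA_AFL.1 can be illustrated with the following added example, which is not part of the standard: it counts failures per user identity since the last successful authentication, raises an administrator alarm when the threshold is met or surpassed, doubles the disabling time on each further failure, and never disables a protected account. The class name FailureHandler, its parameters, the 60-second base lock and the user names are assumptions chosen for illustration.

```python
import time

class FailureHandler:
    """Illustrative FIA_AFL.1-style handling (names and defaults are assumptions)."""
    def __init__(self, threshold=3, base_lock=60.0, protected=("admin",), clock=time.monotonic):
        self.threshold = threshold       # the number assigned in FIA_AFL.1.1
        self.base_lock = base_lock       # first disabling time in seconds (assumed value)
        self.protected = set(protected)  # accounts that can never be disabled
        self.clock = clock               # injectable so the policy can be tested
        self.failures = {}               # user -> failures since last success
        self.lock_count = {}             # user -> lockouts since last success
        self.locked_until = {}           # user -> time at which the account re-enables
        self.alarms = []                 # administrator alarm log

    def is_locked(self, user):
        return self.clock() < self.locked_until.get(user, 0.0)

    def attempt(self, user, credential_ok):
        """Process one authentication attempt; return 'ok', 'denied' or 'locked'."""
        if self.is_locked(user):
            return "locked"              # refused even with correct credentials
        if credential_ok:
            self.failures[user] = 0      # the authentication event restarts at success
            self.lock_count[user] = 0
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= self.threshold:   # "met or surpassed"
            self.alarms.append(user)
            if user not in self.protected:          # keeps one account usable
                n = self.lock_count.get(user, 0)
                self.locked_until[user] = self.clock() + self.base_lock * 2 ** n
                self.lock_count[user] = n + 1
        return "denied"

def demo():
    """Constructed scenario driven by a fake clock; returns the outcomes in order."""
    now = [0.0]
    h = FailureHandler(threshold=3, base_lock=60.0, clock=lambda: now[0])
    out = [h.attempt("alice", False) for _ in range(3)]  # third failure locks for 60 s
    out.append(h.attempt("alice", True))                 # locked despite valid credential
    now[0] = 61.0
    out.append(h.attempt("alice", False))                # fails again: lock doubles to 120 s
    now[0] = 180.0
    out.append(h.attempt("alice", True))                 # 120 s lock has not yet lapsed
    now[0] = 182.0
    out.append(h.attempt("alice", True))                 # re-enabled, counters reset
    return out
```

The counter is kept above the threshold after a lockout so that each further failed attempt doubles the disabling time, and only a successful authentication clears it.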