
the unsuccessful authentication attempts since the last successful authentication for the current terminal, the number of unsuccessful authentication attempts in the last 10 minutes. At least one authentication event must be specified.

In FIA_AFL.1.2, the PP/ST author should specify the actions to be taken in case the threshold is met or surpassed. These actions could be disabling of an account for 5 minutes, disabling the terminal for an increasing amount of time (2 to the power of the number of unsuccessful attempts in seconds), or disabling of the account until unlocked by the administrator and simultaneously informing the administrator. The actions should specify the measures and if applicable the duration of the measure (or the conditions under which the measure will be ended).
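The following added example (not part of the standard's text) shows one way the events and actions named above could be enforced together: failures since the last success per terminal drive the 2^n-second terminal delay, and failures in the last 10 minutes per account drive the 5-minute account lock. The threshold of 3, the cap on the terminal delay, and all class and function names are assumptions; the administrator-unlock action is not shown.

```python
import time
from collections import defaultdict, deque

THRESHOLD = 3          # assumed; the PP/ST author assigns the real value
WINDOW_S = 600         # event: failures in the last 10 minutes (per account)
ACCOUNT_LOCK_S = 300   # action: disable the account for 5 minutes
MAX_TERMINAL_S = 3600  # assumed cap on the 2**n delay, not from the text

class FailureHandler:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.window = defaultdict(deque)       # account -> recent failure times
        self.since_success = defaultdict(int)  # terminal -> failures since last success
        self.locked_until = {}                 # ("account"|"terminal", id) -> unlock time

    def blocked(self, account, terminal):
        now = self.clock()
        return any(self.locked_until.get(key, 0) > now
                   for key in (("account", account), ("terminal", terminal)))

    def record(self, account, terminal, success):
        """Record one attempt and return the actions taken as (target, seconds)."""
        if self.blocked(account, terminal):
            return [("rejected", 0)]           # not evaluated, so not counted
        if success:
            self.since_success[terminal] = 0   # counter restarts after a success
            return []
        now = self.clock()
        actions = []
        self.since_success[terminal] += 1
        n = self.since_success[terminal]
        if n >= THRESHOLD:                     # threshold "met or surpassed"
            delay = min(2 ** n, MAX_TERMINAL_S)
            self.locked_until[("terminal", terminal)] = now + delay
            actions.append(("terminal", delay))
        q = self.window[account]
        q.append(now)
        while q[0] <= now - WINDOW_S:          # drop failures older than the window
            q.popleft()
        if len(q) >= THRESHOLD:
            self.locked_until[("account", account)] = now + ACCOUNT_LOCK_S
            actions.append(("account", ACCOUNT_LOCK_S))
        return actions
```

Because the two counters are keyed differently, the terminal delay keeps growing across accounts tried from one terminal, while the account lock follows the account across terminals.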


G.2 User attribute definition (FIA_ATD)

All authorised users may have a set of security attributes, other than the user's identity, that are used to enforce the TSP. This family defines the requirements for associating user security attributes with users as needed to support the TSP.

User notes

There are dependencies on the individual security policy definitions. These individual definitions should contain the listing of attributes that are necessary for policy enforcement.

FIA_ATD.1 User attribute definition

User application notes

This component specifies the security attributes that should be maintained at the level of the user. This means that the security attributes listed are assigned to and can be changed at the level of the user. In other words, changing a security attribute in this list associated with a user should have no impact on the security attributes of any other user.

In case security attributes belong to a group of users (such as Capability List for a group), the user will need to have a reference (as security attribute) to the relevant group.

Operations

Assignment:

In FIA_ATD.1.1, the PP/ST author should specify the security attributes that are associated to an individual user. An example of such a list is {clearance, group identifier, rights}.


G.3 Specification of secrets (FIA_SOS)

This family defines requirements for mechanisms that enforce defined quality metrics on provided secrets, and generate secrets to satisfy the defined metric. Examples of such mechanisms may include automated checking of user supplied passwords, or automated password generation.

A secret can be generated outside the TOE (e.g. selected by the user and introduced in the system). In such cases, the FIA_SOS.1 component can be used to ensure that the externally generated secret adheres to certain standards, for example a minimum size, not present in a dictionary, and/or not previously used.

Secrets can also be generated by the TOE. In those cases, the FIA_SOS.2 component can be used to require the TOE to ensure that the secrets will adhere to some specified metrics.

User notes

Secrets contain the authentication data provided by the user for an authentication mechanism that is based on knowledge the user possesses. When cryptographic keys are employed, the class FCS should be used instead of this family.

FIA_SOS.1 Verification of secrets

User application notes

Secrets can be generated by the user. This component ensures that those user generated secrets can be verified to meet a certain quality metric.

Operations

Assignment:

In FIA_SOS.1.1, the PP/ST author should provide a defined quality metric. The quality metric specification can be as simple as a description of the quality checks to be performed, or as formal as a reference to a government published standard that defines the quality metrics that secrets must meet. Examples of quality metrics could include a description of the alphanumeric structure of acceptable secrets and/or the space size that acceptable secrets must meet.

FIA_SOS.2 TSF generation of secrets

This component allows the TSF to generate secrets for specific functions such as authentication by means of passwords.

User application notes

When a pseudo-random number generator is used in a secret generation algorithm, it should accept as input random data that would provide output that has a high degree of unpredictability. This random data (seed) can be derived from a number of available parameters such as a system clock, system registers, date, time, etc. The parameters should be selected to ensure that the number of


