G.6 User-subject binding (FIA_USB)

An authenticated user, in order to use the TOE, typically activates a subject. The user's security attributes are associated (totally or partially) with this subject. This family defines requirements to create and maintain the association of the user's security attributes to a subject acting on the user's behalf.

FIA_USB.1 User-subject binding

User application notes

The phrase "acting on behalf of" has proven to be a contentious issue in previous criteria. It is intended that a subject is acting on behalf of the user who caused the subject to come into being or to be activated to perform a certain task. Therefore, when a subject is created, that subject is acting on behalf of the user who initiated the creation. In case anonymity is used, the subject is still acting on behalf of a user, but the identity of the user is unknown. A special category are the subjects that serve multiple users (e.g. a server process). In such cases the user that created this subject is assumed to be the owner.

Annex H (informative) Security management (FMT)

This class specifies the management of several aspects of the TSF: security attributes, TSF data and functions in the TSF. The different management roles and their interaction, such as separation of capability, can also be specified.

In an environment where the TOE is made up of multiple physically separated parts that form a distributed system, the timing issues with respect to propagation of security attributes, TSF data, and function modification become very complex, especially if the information is required to be replicated across the parts of the TOE. This should be considered when selecting components such as FMT_REV.1 Revocation, or FMT_SAE.1 Time-limited authorisation, where the behaviour might be impaired. In such situations, use of components from FPT_TRC is advisable.