search

CCUFMG / Extended-SFRs

0 stars 0 forks source link

FIA_MBE_EXT Biometric enrolment #1

Open woodbe opened 2 years ago

woodbe commented 2 years ago

= Identification and Authentication (FIA)

== Biometric enrolment (FIA_MBE_EXT)

=== Family Behaviour

This component defines the requirements for the TSF to be able to enrol a user, create templates of sufficient quality and prevent presentation attacks.

=== Component levelling

FIA_MBE_EXT.1 Biometric enrolment requires the TSF to enrol a user.

FIA_MBE_EXT.2 Quality of biometric templates for biometric enrolment requires the TSF to create templates of sufficient quality.

FIA_MBE_EXT.3 Presentation attack detection for biometric enrolment requires the TSF to detect and prevent presentation attacks during the biometric enrolment.

=== Management: FIA_MBE_EXT.1

There are no management activities foreseen.

=== Management: FIA_MBE_EXT.2

The following actions could be considered for the management functions in FMT:

a) the management of the TSF data (setting threshold values for quality scores to generate templates) by an administrator.

=== Management: FIA_MBE_EXT.3 The following actions could be considered for the management functions in FMT:

a) the management of the TSF data (setting values for detecting artificial presentation attack instruments) by an administrator.

=== Audit: FIA_MBE_EXT.1, FIA_MBE_EXT.2 The following actions should be auditable if FAU_GEN Security audit data generation is included in the Base-PP/ST:

a) Basic: Success or failure of the biometric enrolment

=== Audit: FIA_MBE_EXT.3 The following actions should be auditable if FAU_GEN Security audit data generation is included in the Base-PP/ST:

a) Basic: Detection of presentation attacks

=== FIA_MBE_EXT.1 Biometric enrolment Hierarchical to: No other components

Dependencies: No dependencies

FIA_MBE_EXT.1.1 The TSF shall provide a mechanism to enrol an authenticated user.

=== FIA_MBE_EXT.2 Quality of biometric templates for biometric enrolment Hierarchical to: No other components

Dependencies: FIA_MBE_EXT.1 Biometric enrolment

FIA_MBE_EXT.2.1 The TSF shall only use biometric samples of sufficient quality for enrolment. Sufficiency of sample data shall be determined by measuring sample with [selection: [[assignment: quality metric standard] using a threshold of [assignment: quality metric threshold]], [assignment: developer defined quality assessment method]].

=== FIA_MBE_EXT.3 Presentation attack detection for biometric enrolment

Hierarchical to: No other components

Dependencies: FIA_MBE_EXT.1 Biometric enrolment

FIA_MBE_EXT.3.1 The TSF shall prevent use of artificial presentation attack instruments from being successfully enroled.

woodbe commented 2 years ago

DITAA diagram for component leveling:

[ditaa,"FIA_MBE_EXT"] .... +---+ +->| 1 | | +---+ +------------------------------------------+ | | | | +---+ | FIA_MBE_EXT Biometric enrolment +--+->| 2 | | | | +---+ +------------------------------------------+ | | +---+ +->| 3 | +---+ ....