Open woodbe opened 2 years ago
DITAA diagram for component leveling:
[ditaa,"FIA_MBE_EXT"] .... +---+ +->| 1 | | +---+ +------------------------------------------+ | | | | +---+ | FIA_MBE_EXT Biometric enrolment +--+->| 2 | | | | +---+ +------------------------------------------+ | | +---+ +->| 3 | +---+ ....
= Identification and Authentication (FIA)
== Biometric enrolment (FIA_MBE_EXT)
=== Family Behaviour
This component defines the requirements for the TSF to be able to enrol a user, create templates of sufficient quality and prevent presentation attacks.
=== Component levelling
FIA_MBE_EXT.1 Biometric enrolment requires the TSF to enrol a user.
FIA_MBE_EXT.2 Quality of biometric templates for biometric enrolment requires the TSF to create templates of sufficient quality.
FIA_MBE_EXT.3 Presentation attack detection for biometric enrolment requires the TSF to detect and prevent presentation attacks during the biometric enrolment.
=== Management: FIA_MBE_EXT.1
There are no management activities foreseen.
=== Management: FIA_MBE_EXT.2
The following actions could be considered for the management functions in FMT:
a) the management of the TSF data (setting threshold values for quality scores to generate templates) by an administrator.
=== Management: FIA_MBE_EXT.3 The following actions could be considered for the management functions in FMT:
a) the management of the TSF data (setting values for detecting artificial presentation attack instruments) by an administrator.
=== Audit: FIA_MBE_EXT.1, FIA_MBE_EXT.2 The following actions should be auditable if FAU_GEN Security audit data generation is included in the Base-PP/ST:
a) Basic: Success or failure of the biometric enrolment
=== Audit: FIA_MBE_EXT.3 The following actions should be auditable if FAU_GEN Security audit data generation is included in the Base-PP/ST:
a) Basic: Detection of presentation attacks
=== FIA_MBE_EXT.1 Biometric enrolment Hierarchical to: No other components
Dependencies: No dependencies
FIA_MBE_EXT.1.1 The TSF shall provide a mechanism to enrol an authenticated user.
=== FIA_MBE_EXT.2 Quality of biometric templates for biometric enrolment Hierarchical to: No other components
Dependencies: FIA_MBE_EXT.1 Biometric enrolment
FIA_MBE_EXT.2.1 The TSF shall only use biometric samples of sufficient quality for enrolment. Sufficiency of sample data shall be determined by measuring sample with [selection: [[assignment: quality metric standard] using a threshold of [assignment: quality metric threshold]], [assignment: developer defined quality assessment method]].
=== FIA_MBE_EXT.3 Presentation attack detection for biometric enrolment
Hierarchical to: No other components
Dependencies: FIA_MBE_EXT.1 Biometric enrolment
FIA_MBE_EXT.3.1 The TSF shall prevent use of artificial presentation attack instruments from being successfully enroled.