woodbe
commented
2 years ago DITAA diagram for component leveling:
[ditaa,"FIA_MBV_EXT"] .... +---+ +->| 1 | | +---+ +--------------------------------------------+ | | | | +---+ | FIA_MBV_EXT Biometric verification +--+->| 2 | | | | +---+ +--------------------------------------------+ | | +---+ +->| 3 | +---+ ....
= Biometric verification (FIA_MBV_EXT)
== Family Behaviour This component defines the requirements for the TSF to be able to verify a user, use samples of sufficient quality and prevent presentation attacks.
== Component levelling
FIA_MBV_EXT.1 Biometric verification requires the TSF to verify a user.
FIA_MBV_EXT.2 Quality of biometric samples for biometric verification requires the TSF to use samples of sufficient quality.
FIA_MBV_EXT.3 Presentation attack detection for biometric verification requires the TSF to detect and prevent presentation attacks during the biometric verification.
== Management: FIA_MBV_EXT.1
The following actions could be considered for the management functions in FMT:
a) the management of the TSF data (setting threshold values) by an administrator.
== Management: FIA_MBV_EXT.2 The following actions could be considered for the management functions in FMT:
a) the management of the TSF data (setting threshold values for quality scores to check samples) by an administrator.
== Management: FIA_MBV_EXT.3 The following actions could be considered for the management functions in FMT:
a) the management of the TSF data (setting values for detecting artificial presentation attack instruments) by an administrator.
== Audit: FIA_MBV_EXT.1, FIA_MBV_EXT.2 The following actions should be auditable if FAU_GEN Security audit data generation is included in the Base-PP/ST:
a) Basic: Success or failure of the biometric verification
== Audit: FIA_MBV_EXT.3 The following actions should be auditable if FAU_GEN Security audit data generation is included in the Base-PP/ST:
a) Basic: Detection of presentation attacks
== FIA_MBV_EXT.1 Biometric verification
Hierarchical to: No other components
Dependencies: FIA_MBE_EXT.1 Biometric enrolment
FIA_MBV_EXT.1.1 The TSF shall provide a biometric verification mechanism using [selection: eye, face, fingerprint, vein].
FIA_MBV_EXT.1.2 The TSF shall provide a biometric verification mechanism with the [selection: FMR, FAR] not exceeding [assignment: value equal to or less than 0.01% (1:10^4^)] for the upper bound of [assignment: value equal to or greater than 80%] confidence interval and, [selection: FNMR, FRR] not exceeding [assignment: value equal to or less than 5% (5:100)] for the upper bound of [assignment: value equal to or greater than 80%] confidence interval.
== FIA_MBV_EXT.2 Quality of biometric samples for biometric verification Hierarchical to: No other components.
Dependencies:
FIA_MBE_EXT.1 Biometric enrolment
FIA_MBV_EXT.1 Biometric verification
FIA_MBV_EXT.2.1 The TSF shall only use biometric samples of sufficient quality for verification. Sufficiency of sample data shall be determined by measuring sample with [selection: [[assignment: quality metric standard] using a threshold of [assignment: quality metric threshold]], [assignment: developer defined quality assessment method]].
== FIA_MBV_EXT.3 Presentation attack detection for biometric verification Hierarchical to: No other components
Dependencies:
FIA_MBE_EXT.1 Biometric enrolment
FIA_MBV_EXT.1 Biometric verification
FIA_MBV_EXT.3.1 The TSF shall provide a biometric verification mechanism with the IAPAR not exceeding [assignment: value equal to or less than 15% (15:100)] to prevent use of artificial presentation attack instruments from being successfully verified.