mmbarry
commented
3 years ago DITAA diagram for component leveling
[ditaa,"FIA_USB_EXT"]
+-------------------------------------- + | | +---+ +---+ | FIA_USB_EXT User-subject binding + ------> | 1 | -----> | 2 | | | +---+ +---+ +---------------------------------------+
=Enhanced user-subject binding (FIA_USB_EXT)
== Family Behaviour FIA_USB_EXT.2 is analogous to FIA_USB.1 except that it adds the possibility to specify rules whereby subject security attributes are also derived from TSF data other than user security attributes.
== Component levelling FIA_USB_EXT.2 is hierarchical to FIA_USB.1.
Management See management description specified for FIA_USB.1 in [CC2].
Audit See audit requirement specified for FIA_USB.1 in [CC2].
==FIA_USB_EXT.2 Enhanced user-subject binding
Hierarchical to: FIA_USB.1 User-subject binding Dependencies: FIA_ATD.1 User attribute definition
FIA_USB_EXT.2.1
The TSF shall associate the following user security attributes with subjects acting on the behalf of that user: [assignment: list of user security attributes].
FIA_USB_EXT.2.2
The TSF shall enforce the following rules on the initial association of user security attributes with subjects acting on the behalf of users: [assignment: rules for the initial association of attributes].
FIA_USB_EXT.2.3
The TSF shall enforce the following rules governing changes to the user security attributes associated with subjects acting on the behalf of users: [assignment: rules for the changing of attributes].
FIA_USB_EXT.2.4
The TSF shall enforce the following rules for the assignment of subject security attributes not derived from user security attributes when a subject is created: [assignment: rules for the initial association of the subject security attributes not derived from user security attributes].