Open woodbe opened 3 years ago
CMFA shall continuously determine the current level of confidence in the authentication of a user based on inputs from sensors and configuration data.
PP-module defines SFRs that correspond to this requirement (see below) and SD describes evaluation activities to test those SFR (e.g. take the device out of the office and check the device is locked immediately after evaluator move the device far away enough from registered (trusted) place)
TOE shall determine the confidence rating with following rule and update the rating at [Assignment: min or max time interval of update]
BEW: This should probably have a selection for time (maybe with some set of expected values, though I don't know what those would be) and then an event trigger (i.e. if Wi-Fi is turned on/off could automatically trigger a refresh).
Increase the rating when [Assignment: some conditions (e.g. recognize a user’s voice] are met
Decrease the rating when [Assignment: some conditions (e.g. located in untrusted location)] are met
Keep the rating when [Assignment: some conditions (e.g. signing into the company wifi)] are met
Reset the rating when [Assignment: some conditions (e.g. detect sensor failure)]
Removed since "accuracy" is not completely clear, and if the other determination of confidence don't already point to this, I think there is a problem (comparing to the BIO ESR, there is not an explicit accuracy requirement, and I'm not clear how this requirement could be repeatable off hand).
NOTE: I'm actually combining this into the "continuously" ESR.
CMFA shall accurately determine the current confidence rating of a user based on inputs from sensors and configuration data.
PP-module defines SFRs that correspond to this requirement (see below) and SD describes evaluation activities to test those SFR (e.g. method to evaluate the performance report provided by the vendor).
TOE shall provide a CMFA that meets [Assignment: method of measurement of performance and minimum performance requiremet]
There is no standard to measure CMFA performance because there are many combination of sensors that can be used by CMFA. However, vendor can set own performance matrix to objectively measure the accuracy of CMFA authentication. For example, vendor can create the test scenario and measure mean time to detect (time CMFA need to detect another user is start using a device (and decrease the confidence rating low enough so that the computer can transit to the locked state immidiately)).
Trust Score and unlocking
A key point raised was what should happen when a trust score falls below the threshold set for remaining unlocked. The question was whether it should be possible for a trust score to be raised again without a direct user action (i.e. entering a biometric or password) to maintain the device to be unlocked, or whether, once the score was below the threshold, the score cannot be raised to unlock the device again.
There were several points made:
This will likely need some sort of SFR to deal with the expectations and description of the solution
This is just a place to collect interesting points that come up so they are in one place. The thinking I have is that this would be used to generate issues once we are to the point of creating the PP-Module.
(things that have been determined to not be useful are in italics)