Date: 10/31/2003
Subject: Settable Failure Limits are Permitted
CC Part #1 Reference:
CC Part #2 Reference: CC Part 2, FIA_AFL, Annex G
CC Part #3 Reference:
CEM Reference:
Issue:
In element FIA_AFL.1.1, the PP/ST author should specify the default number of unsuccessful authentication attempts that, when met or surpassed, will cause the TSF to perform some action or actions. Part 2, Annex G.1, paragraph 958 states that the PP/ST author may specify that the number is: "an authorised administrator configurable number". However, the wording used in element FIA_AFL.1.1 ("[assignment: number]") does not allow a phrase to be inserted.
Interpretation
It should be possible for the PP/ST author to specify that the administrator is able to specify the number of unsuccessful authentication attempts permitted before the TSF performs some set of actions. This number of unsuccessful authentication attempts should be a value taken from the range of values acceptable to the PP/ST author.
The PP/ST author should specify the range of acceptable values by giving its upper and lower bounds. The administrator selects a value from that range. Thus, the number of authentication attempts should be less than or equal to the upper bound and greater than or equal to the lower bound. The number of unsuccessful authentication attempts specified must be a positive integer.
Specific Changes
FIA_AFL.1.1 is replaced by the following:
FIA_AFL.1.1 The TSF shall detect when [selection: [assignment: positive integer number], "an administrator configurable positive integer within [assignment: range of acceptable values]"] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
In Annex G.1, FIA_AFL.1, Operations, the following is added before the "Assignment" operation:
Selection:
In FIA_AFL.1.1, the PP/ST author should select either the assignment of a positive integer, or the phrase "an administrator configurable positive integer" specifying the range of acceptable values of the range.
In Annex G.1, FIA_AFL.1, Operations, paragraph 958 (the first "Assignment") is replaced with the following:
Selection:
In FIA_AFL.1.1, the PP/ST author should specify whether the TSF shall detect a specified positive number of authentication failures or an administrator configurable positive number of authentication failures.
Assignment:
In FIA_AFL.1.1, if the assignment of a positive integer is selected, the PP/ST author should specify the default number (positive integer) of unsuccessful authentication attempts that, when met or surpassed, will trigger the events.
In FIA_AFL.1.1, if an administrator configurable positive integer is selected, the PP/ST author should specify the range of acceptable values from which the administrator of the TOE may configure the number of unsuccessful authentication attempts. The number of authentication attempts should be less than or equal to the upper bound and greater or equal to the lower bound values.
Rationale
This interpretation permits the number of unauthorised authentication attempts to be specified by the administrator, within a range of values acceptable to the PP/ST author. This ensures the 'number' specified is a positive integer.
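
As an added example, not part of the interpretation or of any CC text, the Python below shows one way a TSF could enforce the administrator-configurable limit described above: the setting is rejected unless it is a positive integer inside the PP/ST author's range, and the trigger uses "met or surpassed" so that lowering the limit below an existing failure count still fires. The class, method and parameter names are assumptions made for this example, as is clearing the counter on a successful authentication, which the interpretation does not address.

```python
# Added illustration, not part of the interpretation text.
# Class, method and parameter names are assumptions made for this example.
from collections import defaultdict


class FailureLimitPolicy:
    """Authentication failure handling with an administrator-settable limit."""

    def __init__(self, lower, upper, default):
        # The PP/ST author fixes the range of acceptable values up front.
        for name, value in (("lower", lower), ("upper", upper)):
            self._require_positive_int(name, value)
        if lower > upper:
            raise ValueError("lower bound exceeds upper bound")
        self.lower, self.upper = lower, upper
        self.limit = None
        self.failures = defaultdict(int)  # per-user count of failed attempts
        self.set_limit(default)

    @staticmethod
    def _require_positive_int(name, value):
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, int) or value < 1:
            raise ValueError(f"{name} must be a positive integer, got {value!r}")

    def set_limit(self, value):
        """Administrator operation: choose a limit inside the permitted range."""
        self._require_positive_int("limit", value)
        if not self.lower <= value <= self.upper:
            raise ValueError(f"limit {value} outside [{self.lower}, {self.upper}]")
        self.limit = value

    def record_failure(self, user):
        """Count one failed attempt; True once the limit is met or surpassed."""
        self.failures[user] += 1
        return self.failures[user] >= self.limit

    def record_success(self, user):
        # Assumption: a successful authentication clears the counter.
        self.failures.pop(user, None)
```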