canmove, Confirmed users
937
edits
VE 03: Difference between revisions
Jump to navigation
Jump to search
→VE.03.23.01
| Line 428: | Line 428: | ||
</P> | </P> | ||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | <P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | ||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.25 (Level 2)</FONT></B> For each attempt to use the authentication mechanism, the probability shall be less than one in 1,000,000 that a random attempt will succeed or a false acceptance will occur (e.g., guessing a password or PIN, false acceptance error rate of a biometric device, or some combination of authentication methods).</FONT></FONT></FONT></P> | |||
==VE.03.25.01== | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.03.25.01 (Level 2)</FONT></B> The vendor documentation shall specify each authentication method and the associated false acceptance rate or probability that a random access will succeed.</FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.26 (Level 2)</FONT></B> For multiple attempts to use the authentication mechanism during a one-minute period, the probability shall be less than one in 100,000 that a random attempt will succeed or a false acceptance will occur.</FONT></FONT></FONT></P> | |||
==VE.03.26.01== | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.03.26.01 (Level 2)</FONT></B> The vendor documentation shall specify each authentication method and the associated probability of a successful random attempt during a one-minute period.</FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.27 (Level 2)</FONT></B> Feedback of authentication data to an operator shall be obscured during authentication (e.g., no visible display of characters when entering a password).</FONT></FONT></FONT></P> | |||
==VE.03.27.01== | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.03.27.01 (Level 2)</FONT></B> The vendor documentation shall specify the method used to obscure feedback of the authentication data to an operator during entry of the authentication data.</FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.28 (Level 2)</FONT></B> Feedback provided to an operator during an attempted authentication shall not weaken the strength of the authentication mechanism.</FONT></FONT></FONT></P> | |||
==VE.03.28.01== | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.03.28.01 (Level 2)</FONT></B> The vendor documentation shall specify the feedback mechanism that is used when the operator is entering authentication data.</FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.29</FONT></B>Documentation | <P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.29</FONT></B>Documentation | ||
shall specify:</FONT></FONT></FONT></P> | shall specify:</FONT></FONT></FONT></P> | ||
| Line 449: | Line 478: | ||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module.</FONT></FONT></FONT></P> | <P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module.</FONT></FONT></FONT></P> | ||
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | <P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | ||
<P ALIGN=LEFT STYLE="margin-top: 0.01in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.30</FONT></B>If | <P ALIGN=LEFT STYLE="margin-top: 0.01in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.03.30</FONT></B>If | ||
authentication mechanisms are not supported by the cryptographic </FONT></FONT></FONT> | authentication mechanisms are not supported by the cryptographic </FONT></FONT></FONT> | ||
| Line 460: | Line 490: | ||
</P> | </P> | ||
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | <P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | ||
==VE.03.30.01== | ==VE.03.30.01== | ||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.03.30.01</FONT></B>The | <P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.03.30.01</FONT></B>The | ||