Family behaviour
This family ensures that a user may use a resource or service without disclosing its user identity, but can still be accountable for that use.
Component levelling
FPR_PSE.1 Pseudonymity requires that a set of users and/or subjects are unable to determine the identity of a user bound to a subject or operation, but that this user is still accountable for its actions.
FPR_PSE.2 Reversible pseudonymity requires the TSF to provide a capability to determine the original user identity based on a provided alias.
FPR_PSE.3 Alias pseudonymity requires the TSF to follow certain construction rules for the alias to the user identity.
Management: FPR_PSE.1 Pseudonymity, FPR_PSE.2, FPR_PSE.3
There are no management activities foreseen for these components.
Audit: FPR_PSE.1, FPR_PSE.2, FPR_PSE.3
The following actions shall be auditable if FAU_GEN Security audit data generation is included in the PP / ST:
a) Minimal: The subject/user that requested resolution of the user identity should be audited.