All authorised users may have a set of security attributes, other than the user's identity, that are used to enforce the TSP. This family defines the requirements for associating user security attributes with users as needed to support the TSP.
User notes
There are dependencies on the individual security policy definitions. These individual definitions should contain the listing of attributes that are necessary for policy enforcement.