FIA_UAU.3 Unforgeable authentication
User application notes
This component addresses requirements for mechanisms that provide protection of authentication data. Authentication data that is copied from another user, or is in some way constructed should be detected and/or rejected. These mechanisms provide confidence that users authenticated by the TSF are actually who they claim to be.
This component may be useful only with authentication mechanisms that are based on authentication data that cannot be shared (e.g. biometrics). It is impossible for a TSF to detect or prevent the sharing of passwords outside the control of the TSF.
Operations
Selection:
In FIA_UAU.3.1, the PP/ST author should specify whether the TSF will detect, prevent, or detect and prevent forging of authentication data
In FIA_UAU.3.2, the PP/ST author should specify whether the TSF will detect, prevent, or detect and prevent copying of authentication data